4U Platform

- <a href="http://help.4uplatform.com/en/articles/9308810-4u-developer-site">Overview</a>: An introduction and high-level overview 
- <a href="http://help.4uplatform.com/en/articles/9309049-4u-developer-site-sandbox-environments">Sandbox Environments</a>: The freedom and security to iterate quickly with production-quality data
- Authentication: You're here!
- <a href="http://help.4uplatform.com/en/articles/9309047-4u-developer-site-getting-started">Getting Started</a>: Examples to help you get straight to work using our APIs 
- <a href="http://help.4uplatform.com/en/articles/9309035-4u-developer-site-data-models">Data Models</a>: A brief overview to help you get oriented
- <a href="http://help.4uplatform.com/en/articles/9309007-4u-developer-site-api-standards">API Standards</a>: We're RESTful JSON over https -- familiar, friendly, and effective
- <a href="http://help.4uplatform.com/en/articles/9309032-4u-developer-site-file-uploads">File Uploads</a>: Our approach to getting your files where you want them
- <a href="http://help.4uplatform.com/en/articles/9309043-4u-developer-site-apis">API Documentation</a>: A live swagger UI using OpenAOI 3.0.1 that plays nicely with Postman and similar tooling
- <a href="http://help.4uplatform.com/en/articles/9309051-4u-developer-site-faq">FAQ</a>: We all have questions. Right?

4U APIs use the <a href="https://tools.ietf.org/html/rfc6749" rel="nofollow noopener noreferrer" target="_blank">OAuth 2.0 protocol</a> for authentication and authorization and we support the standard client credentials flow for machine-to-machine (M2M) access.

As part of being set-up with your sandbox environment, you will be provided with client credentials in the form of a <code>clientId</code> and a <code>clientSecret</code>. In addition, you'll be provided with the url of a 4U Authorization Server.

Your client application requests an access token from the 4U Authorization Server, extracts an access token from the json response, and sends the token as part of your request when accessing 4U APIs.

Access tokens periodically expire and will need to be refreshed by using your <code>clientId</code> and <code>clientSecret</code> to obtain a fresh token.

For purposes of illustrating the flow, here's the sequence carried out using <code>curl</code>:

curl --request POST "https://${AUTH_HOST}/oauth2/token" \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode "client_id=${CLIENT_ID}" \ --data-urlencode "client_secret=${CLIENT_SECRET}"

might return a response similar to (the <code>access_token</code> has been shortened for ease of reading):

{ "access_token": "eyJraWQi.OiJ3XBfz3TkU2.7q8gHmqgw", "expires_in": 3600, // in seconds "token_type": "Bearer" }

You can then make a request to the 4U API as follows using the <code>access_token</code> in the previous response:

curl "https://${API_HOST}/content-service/api/v1/content-format' \ --header "Authorization: Bearer ${ACCESS_TOKEN}"

___________________________________________________________

We're here 4U – <a href="mailto:integration@4uplatform.com" rel="nofollow noopener noreferrer" target="_blank">integration@4uplatform.com</a>

Looking for something else?

OAuth Client Credentials Flow

Credentials

Authorization Flow