In order to perform calls to Xpansiv Connect APIs clients have to send a Bearer token as part of the request. Bearer tokens are issued by Xpansiv Authorization Server.
Depending on what's the environment you're working with the Authorization Server URL will be different.
| Environment | URL |
|---|---|
| PROD | https://auth.xpansiv.com/oauth/token |
| PREPROD | https://xpansiv-pre-prod.us.auth0.com/oauth/token |
To generate bearer token one has request credentials from Xpansiv and replace placeholders in the request below:
curl --location '{AUTH_SERVER_TOKEN_URL}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=http://auth0.com/oauth/grant-type/password-realm' \
--data-urlencode 'realm=Username-Password-Authentication' \
--data-urlencode 'scope=SCOPE' \
--data-urlencode 'audience=https://xpansiv/platform' \
--data-urlencode 'client_id={CLIENT_ID}' \
--data-urlencode 'client_secret={CLIENT_SECRET}' \
--data-urlencode 'username={USERNAME}' \
--data-urlencode 'password={PASSWORD}'If successful, the above command returns status code 200. The response will look like this:
{
"access_token": "eyJhb...",
"scope": "",
"expires_in": 86400,
"token_type": "Bearer"
}Extract "access_token" values from the response and use it call Xpansiv Connect API. It must be provided as part Authorization header:
curl --location https://uat.preprod.connect.xpansiv.com/app/api/v1/retirements/program/ACR/rules \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {access_token}'