# Getting started

## Authentication

In order to perform calls to Xpansiv Connect APIs clients have to send a Bearer token as part of the request.
Bearer tokens are issued by Xpansiv Authorization Server.

Depending on what's the environment you're working with the Authorization Server URL will be different.

| Environment | URL |
|  --- | --- |
| PROD | https://auth.xpansiv.com/oauth/token |
| PREPROD | https://xpansiv-pre-prod.us.auth0.com/oauth/token |


### Generating bearer token

To generate bearer token one has request credentials from Xpansiv and replace placeholders in the request below:


```shell
curl --location '{AUTH_SERVER_TOKEN_URL}' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=http://auth0.com/oauth/grant-type/password-realm' \
  --data-urlencode 'realm=Username-Password-Authentication' \
  --data-urlencode 'scope=SCOPE' \
  --data-urlencode 'audience=https://xpansiv/platform' \
  --data-urlencode 'client_id={CLIENT_ID}' \
  --data-urlencode 'client_secret={CLIENT_SECRET}' \
  --data-urlencode 'username={USERNAME}' \
  --data-urlencode 'password={PASSWORD}'
```

If successful, the above command returns status code 200. The response will look like this:


```json
{
    "access_token": "eyJhb...",
    "scope": "",
    "expires_in": 86400,
    "token_type": "Bearer"
}
```

## API call example

Extract "access_token" values from the response and use it call Xpansiv Connect API. It must be provided as part Authorization header:


```shell
curl --location https://uat.preprod.connect.xpansiv.com/app/api/v1/retirements/program/ACR/rules \
    --header 'Accept: application/json' \
    --header 'Authorization: Bearer {access_token}'
```