2.1 Developer Portal Access and Prerequisites

The developer portal is open to the public. To create API credentials and test with real data, an expereo.one user with the developer role is required. This role can be created via the manage users section of the expereo.one portal.

2.2 4 Steps to API Authentication

The expereoOne API uses OAuth 2.0 to authenticate requests.

1. Log in as a Developer: Log in as a Developer; you may need to create a new user from the Profile page.
2. Generate API Keys: Generate a new set of API keys (Client ID and Client Secret Key) from the API Credentials page.
   • WARNING: The Client Secret Key is shown only once and cannot be retrieved later; it must be saved in a safe place and should not be shared with anyone.
3. Obtain a JSON Web Token (JWT): Use the generated keys and the relevant scope(s) to authenticate with the auth server.
   • Authentication Endpoint: https://auth.expereo.one/oauth2/token.
4. Use the Token: Include the JSON Web Token in all subsequent HTTP requests to the GraphQL endpoint.
   • GraphQL Endpoint: https://api.expereo.one/graphql.

Example Authentication via curl: This uses the required customerapi/basic.read scope:

curl -X POST "https://auth.expereo.one/oauth2/token" \

-H "Content-Type: application/x-www-form-urlencoded" \

-d "grant_type=client_credentials" \

-d "scope=customerapi/basic.read" \

-d "client_id={CLIENT_ID}" \

-d "client_secret={CLIENT_SECRET}"

2.3 Scopes and Permissions

Scopes are permissions that determine the access an application will have to your expereoOne account.

Scopes cannot be changed after the API keys have been generated; a new token must be created if different permissions are required.