API Specifications

Everything about authentication and how to get a token

Get an access token as a user.

Implementation of this method by the partner is not required.

Call the /token endpoint. The grant_type must be 'urn:ietf:params:oauth:grant-type:jwt-bearer'. You must provide an assertion containing a valid JWT. The JWT must contain an iss claim set to the client ID provided by Talentsoft. The signature is generated with a client secret exchanged between Talentsoft and the partner.

Example :

    POST /token HTTP/1.1
    Content-Type: application/x-www-form-urlencoded

    grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&
    assertion=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjbGllbnRfaWQiLCJhdWQiOiJodHRwczovL2FwaS5zaXRlLmNvbSIsInN1YiI6IlRhbGVudFNvZnRNYXJrZXRQbGFjZSIsImV4cCI6MTUyMDE4MjEzMCwiaWF0IjoxNTIwMTgwOTMwLCJlbWFpbCI6ImplYW4uZHVwb250QHNpdGUiLCJuYW1lIjoiSmVhbiBEdXBvbnQifQ.PlwMiXNBMqi_GKfa-kN8BLm2zQ6mqMeqGaDRsShZOjA

Response :

    {
      "access_token": "2YotnFZFEjr1zCsicMWpAA",
      "token_type": "bearer",
      "expires_in": "3600"
    }

Get an access token as an application.

Implementation of this method by the partner is required.

Call the /token endpoint. The grant_type must be 'client_credentials'. You must provide a client_id and a client_secret provided by Talentsoft.

Example :

    POST /token HTTP/1.1
    Content-Type: application/x-www-form-urlencoded

    grant_type=client_credentials&
    client_id=428a51ae-0387-43ab-8c64-cf026f77656f&
    client_secret=26a5c010885148d1afe2d535cb3e9ffaacbc714597bb4abdb2a6fca6d16658bf

Response :

    {
      "access_token": "2YotnFZFEjr1zCsicMWpAA",
      "token_type": "bearer",
      "expires_in": "3600"
    }

Use the access token

Authenticated requests must contain the Authorization header with the bearer access token.

Example :

    GET /videos/campaigns HTTP/1.1
    Host: api.partner.com
    Authorization: Bearer <access_token>

How to identify a user ?

A user is identifiable by his email. In all calls made by a user, the HTTP header X-Current-User is added with the user's email address.

If you have implemented the retrieval of an access token per user (with the grant type urn:ietf:params:oauth:grant-type:jwt-bearer), the JWT payload contains the user's email in the field email. The content of the JWT is not encrypted; it is only encoded in base64 (the URL-safe variant), so you can read it without the secret key. The secret key is only used to validate the JWT signature.

"In construction" Yaml Specification