
API Authentication

Our API uses the OAuth 2.0 Client Credentials flow for authentication. This flow is designed for machine-to-machine (M2M) communication—typically used by backend services that need to authenticate securely without user interaction.

What is the Client Credentials Flow?

The Client Credentials flow allows a client (such as a backend service) to authenticate with the authorization server using its own credentials (client_id and client_secret) and obtain a bearer token. This token is then included in API requests to authorize access.

How It Works

  1. Your service sends a POST request to the token endpoint with its client_id and client_secret.
  2. The authorization server validates the credentials and issues an access token.
  3. Your service uses the bearer token in the Authorization header to make authenticated API requests.

Getting an Access Token

Before you can create an access token, you will need to reach out to our team to organise API credentials for BNDRY.

Make a POST request to the token endpoint:

POST /oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&
client_id=YOUR_CLIENT_ID&
client_secret=YOUR_CLIENT_SECRET

To do this using curl:

   $ curl https://auth.bndry.app/realms/bndry/protocol/openid-connect/token -XPOST -d "grant_type=client_credentials&client_id=[client_id_here]&client_secret=[super_secrets_here]"

Using the Access Token

Once you have your token, send it in the Authorization header of each API request:

Authorization: Bearer <access_token>
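
The three steps above, sketched as a small client that requests a token, reuses it until shortly before it expires, and builds the Authorization header. This is an added example, not BNDRY's own code. It assumes the token endpoint returns the standard OAuth 2.0 response fields (access_token, token_type, expires_in); the environment variable names are hypothetical, chosen so the secret stays out of the command line and shell history.

```python
import json
import time
import urllib.parse
import urllib.request

# Token endpoint taken from the curl example on this page.
TOKEN_URL = "https://auth.bndry.app/realms/bndry/protocol/openid-connect/token"

def post_form(url, fields):
    """Default transport: form-encoded POST over HTTPS, returns the parsed JSON body."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(fields).encode(), method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenClient:
    """Fetches a client-credentials token and reuses it until shortly before expiry."""

    def __init__(self, client_id, client_secret, post=post_form,
                 clock=time.monotonic, skew=30):
        self._fields = {"grant_type": "client_credentials",
                        "client_id": client_id, "client_secret": client_secret}
        self._post, self._clock, self._skew = post, clock, skew
        self._token, self._expires_at = None, 0.0

    def token(self):
        if self._token is None or self._clock() >= self._expires_at:
            resp = self._post(TOKEN_URL, self._fields)
            # Assumed response shape: access_token, token_type, expires_in (RFC 6749, 5.1).
            if str(resp.get("token_type", "")).lower() != "bearer" or not resp.get("access_token"):
                raise ValueError("token endpoint did not return a bearer token")
            self._token = resp["access_token"]
            # Refresh `skew` seconds early so a token does not expire mid-request.
            lifetime = max(0, int(resp.get("expires_in", 0)) - self._skew)
            self._expires_at = self._clock() + lifetime
        return self._token

    def auth_header(self):
        return {"Authorization": "Bearer " + self.token()}

    def __repr__(self):  # keep the secret out of logs and tracebacks
        return "TokenClient(client_id=%r)" % self._fields["client_id"]

if __name__ == "__main__":
    import os
    # BNDRY_CLIENT_ID / BNDRY_CLIENT_SECRET are hypothetical variable names.
    client = TokenClient(os.environ["BNDRY_CLIENT_ID"], os.environ["BNDRY_CLIENT_SECRET"])
    print(sorted(client.auth_header()))  # header names only, never the token itself
```

A missing or zero expires_in makes the client request a fresh token on every call, which is the safe default when the lifetime is unknown.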