API Authentication
Every API request requires a valid authentication token passed via the Authorization header.
POST
/v1/auth/tokenClient credentialsExchange client credentials for an access token.
Request
grant_typestringRequiredMust be client_credentials.
client_idstringRequiredYour application's client ID.
client_secretstringRequiredYour application's client secret.
scopestringSpace-separated list of scopes (e.g., orders:read infrastructure:manage).
Response
Response
Available Scopes
| Scope | Description |
|---|---|
orders:read | Read order data |
orders:write | Create and update orders |
products:read | Read product catalog |
products:write | Manage product catalog |
billing:read | View invoices and billing |
billing:write | Manage billing configuration |
infrastructure:read | View infrastructure resources |
infrastructure:manage | Provision and manage resources |
admin | Full administrative access |