Authentication

We use Auth0's Client Credentials Flow to grant access to our API.

In order to access the B2B API, we will send you through a safe channel a client_id and client_secret. You can use them to generate a token, by doing the following call:

curl -X POST \
 https://auth.thefork.io/oauth/token \
    -d 'audience=https://api.thefork.io&grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET'

The response will contain an access_token, needed for the calls to the API.

note

This token expires after 8600 seconds. When it does, repeat this process to get a new token.

warning

Please do not request a new token if the previous is not expired as it will overload the system with unused tokens

In order to use the API, please insert your access_token into the headers of your request as follows:

curl https://api.thefork.io/manager/{version}/{path} \
    -H 'Authorization: Bearer <access_token>'