To utilize any of Insights API endpoints, your app is required to first identify and authorize itself against an authorization server by obtaining an access token.
To authenticate against the authorization server, you must first retrieve your app’s client_id and client_secret from Insights dashboard (Settings > API Settings > API Credentials). Without these, your app will be unable to obtain an access token and call endpoints on the Insights API. If you do not have access to your dashboard Settings page then you should contact Periculum’s standard support channel (email [email protected]).
In the authentication request, your app will utilize the client_credentials OAuth 2.0 flow. Details on this flow can be found at https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/, and for your convenience an outline of the flow in the context of Insights is covered in the diagram below:
- Customer’s app (backend, server) authenticates against the Authorization Server using its Client ID and Client Secret.
- The Authorization Server validates the Client ID and Client Secret.
- The Authorization Server responds with an Access Token.
- The customer’s application can use the Access Token to call the Insights API on behalf of itself.
- The Insights API responds with requested data.