To utilize any of Insights endpoints, your app is required to first identify and authorize itself against an authorization server by obtaining an access token.
To authenticate against the authorization server, you must ensure that you have received your app’s client_id and client_secret from Periculum. Without these, your app will be unable to obtain an access token and call endpoints on the Insights API. If you have not obtained your client_id or client_secret, then you should contact Periculum’s standard support channel (email [email protected]).
In the authentication request, your app will utilize the client_credentials OAuth 2.0 flow. Details on this flow can be found at https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/, and for your convenience an outline of the flow in the context of Insights is covered in the diagram below:
- Customer’s app (backend, server) authenticates against the Authorization Server using its Client ID and Client Secret.
- The Authorization Server validates the Client ID and Client Secret.
- The Authorization Server responds with an Access Token.
- The customer’s application can use the Access Token to call the Insights API on behalf of itself.
- The Insights API responds with requested data.