The Location Services API uses the OAuth2 Bearer Token Scheme for authorisation for all CRUD operations (refer to What is REST?).
Request
To generate your token, proceed as follows:
-
Ensure that you have your
apiKey.propertiesfile to hand containing your uniquekeyandsecret:apiKey.id = <api key id value> apiKey.secret = <api key secret value>
-
Encode the key and secret to Base64 format by entering the following sequence into your favoured BASE64 encoder:
<api key id value>:<api key secret value>
Note
Ensure that the two values are separated by a colon (':') .
Save the encoded result for use as your particular
authorisation string. -
Perform a
POSTrequest to:https://dmo.metapack.com/oauth
using the
authorisation stringgenerated in the previous step:Basic <Base64-encoded key and secret>
of content type:
application/x-www-form-urlencoded
and with the following body:
Key: "grant_type" Value: "client_credentials"
-
In summary, ensure that the request is set up as follows in
HTTP:POST /oauth HTTP/1.1 Host: dmo.metapack.com Content-Type: application/x-www-form-urlencoded Authorization: Basic <Base64-encoded key and secret> "grant_type": "client_credentials"
Response
The response from Delivery Options is in JSON format, and will be in the form of an HTTP 200 OK response if the request is successful. For other possible responses, refer to What are the possible Server Responses?.
For example:
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 591
Content-Type: application/json; charset=utf-8
Date: Wed, 14 Feb 2020 14:42:51 GMT
X-Powered-By: Express
{
"access_token": "<Bearer Token>",
"token_type": "bearer",
"expires_in": 3600,
"scope": "can-update-locations can-create-locations
can-manage-opening-times-rules can-search-locations
can-delete-own-locations can-retrieve-locations"
}
The fields returned are as follows:
Table 27. Fields returned from Bearer Token API call
-
Generating a Bearer Token