LogoLogo
  • Welcome
  • Landing in Transparent Edge
  • Sign up process
  • Getting Started
    • Basics concepts
      • Glosary
        • API
        • Brotli Compression
        • Cache-Control
        • Cache key
        • Caching
        • CNAME
        • Cloud Computing
        • Cloud Computing Architecture
        • Cloud Services
        • DASH
        • Data Center
        • Edge Server
        • ETag
        • GSLB
        • HLS (HTTP Live Streaming)
        • HTTP/2
        • Infrastructure as a Service (IaaS)
        • Internet Exchange Point
        • Last-Modified
        • Load Balancing
        • MultiCDN
        • NoSQL (not only SQL)
        • Origin
        • Origin Shield
        • OTT (Over The Top)
        • Platform as a Service (PaaS)
        • PoP (Point of Presence)
        • Private CDN
        • Private Cloud
        • Public Cloud
        • Purge
        • Query String
        • Reverse Proxy
        • RTT (Round-trip Time)
        • SaaS (Software as a Service)
        • SDS (Software Defined Storage)
        • Smooth Streaming
        • Status Code
        • TCP (Transmission Control Protocol)
        • TLS Acceleration
        • TLS (Transport Layer Security)
        • TTFB (Time-to-first-byte)
        • TTL (Time-to-live)
        • Virtual Machine
        • VPS (Virtual Private Server)
        • Web Services
      • Let's start at the beginning
      • Things to consider
      • Houston, we have a problem
      • HTTP, How does it work?
      • Invalidating methods
      • DNS Pointing
      • Log formats
      • Predefined headers
      • Default headers
        • geo_country_code
        • X-Device
        • Vary
        • Cache headers
        • Age
        • TP-Cache
        • True-Client-IP and X-Forwarded-For
      • Forcing No-Cache
      • Architecture
        • Transparent Edge’s IP addresses
        • Locations and PoP
        • Cache layers
      • Cache effectiveness
      • SSL
      • HTTP 5xx Error Codes
      • Features
        • Protection against origin failures
        • Rate Limit
        • Geolocation and geoblocking
        • Prefechting
        • Refetching
        • Fast purging
        • HTTP Redirects
        • Caching static vs. dynamic objects
        • Rewriting of headers
        • Device detection
    • Dashboard
      • Historic
      • Analytics
      • Invalidating content
      • Content invalidation by tags
      • Prefetching Cache
      • Log shipping
      • Provisioning
        • Initial configuration
        • Backends
        • Sites
        • Configuration deployments
        • Network ACLs
        • TLS/SSL Certificates
      • User management
  • Configuration
    • VCL Reference
      • Default Functions
      • VCL Objects
      • Callable Functions
      • Security restrictions
      • Varnish book
    • Network Access Control List
      • Initial configuration
      • Auto generated lists
      • Manage lists via API
    • i3
      • Quality adjustment
      • Cache timing allocation for transformed images
      • Conversion to grayscale
      • Conversion to WebP
      • Blurring
      • Inclusion of graphics in the footer (strip)
      • Automatic resizing
      • Definition of the maximum size (content-length)
    • Transcoding
      • Relaunch or requeue jobs
      • Create a transcode job
      • Get job information
      • Dashboard usage
    • OpenAPI de TransparentCDN
  • Security
    • HTTPS
    • Blocking User-Agent
    • Blocking by IP Address
    • Blocking Requests Geographically
    • Avoiding Hotlinking
    • Bot Mitigation
    • WAF
      • Configuration
      • CAPTCHA
      • Content protected by token
      • Rate limit
    • Anomaly Detection
      • Detection Types
      • Automatic Reactions
      • Detection History
    • Under attack mode
    • Global Whitelists
  • Integrations
    • Wordpress plugin
    • Google Cloud Platform
    • Amazon Web Services
  • GUIDES AND TUTORIALS
    • How to do things
    • Edge Computing
      • ESI Tags
    • Acting on the Query String
    • Working with cookies
    • Making decisions based on HTTP headers
    • Web Application Gateway
    • Configure your servers to send cache headers
    • Caching a version per device
    • True-Client-IP in the origin
    • A/B Testing
    • Routing traffic to different backends
    • JSON Web Tokens
    • Debug codes
    • Streaming logs
    • API
      • Authentication
      • Invalidation
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. GUIDES AND TUTORIALS
  2. API

Authentication

Instructions for user authentication against the Transparent Edge Services API.

PreviousAPINextInvalidation

Last updated 1 year ago

Was this helpful?

To authenticate against the API, we use the OAuth2 federation system. This means that in order to make requests to the API, you need to have an access token for authentication.

First of all, we will need the values of client_id and client_secret, which can be obtained from our . Click on your username, to view your user profile, there you'll able to obtain the required API keys.

Take note of the values that appear, as we will need them for the following steps:

Here is an example, with fake data of the entire process of obtaining the access token (API_TOKEN).

client_id: 0b58b22d51a2d68Ffdf17b

client_secret: 0f3b38f9721211e848e39be374a4c1431386abdfe86

company_id: 42

With this information, the first step is to make a call to the API to obtain the authorization token. This may vary depending on the programming language used, here is a basic example using cURL.

curl -XPOST -d "client_id=0b58b22d51a2d68df17b&client_secret=0f3b38f9701e848e39be374a4c1431386abdfe86&grant_type=client_credentials" https://api.transparentcdn.com/v1/oauth2/access_token/

This request will return a result in JSON format, similar to this:

{
  "access_token": "58530ad8f1879786dbfad7Gh1a3b94c1dae1070280fdb",
  "token_type": "Bearer",
  "expires_in": 36000,
  "refresh_token": "63553322177e88fHa8Kb25b122542e35733ce2a9cc24",
  "scope": "read write"
}

The field access_token is essential to continue making requests to the API. All requests that include the header "Authorization: Bearer " will be authenticated with the user who requested the access_token. For example, a request similar to the one shown below will return a JSON object with the user stored in our systems.

curl -v -H 'Authorization: Bearer 58530ad8f1879786dbfad7Gh1a3b94c1dae1070280fdb' https://api.transparentcdn.com/v1/companies/current_user/
dashboard