Client authorization

To authorize the user, it is required to send POST request to URL https://api.admitad.com/token/, using data format application/x-www-form/urlencoded and transfer the following parameters:

Name Required Description
client_id ID of your application*
scope A list of application access settings separated by a space that shall be requested.
grant_type

Request type

  • client_credentials

It is required to use HTTP Basic authentification for the request using client_id* and client_secret* as access parameters. The authorization header is base64 encoded line that contains client_id and client_secret united by a colon.

  • * The app ID (client_id) and secret key (client_secret) are available for the authorized publisher in the personal account (by clicking the "Show credentials" button).

Example of forming a base64-encoded authorization header in Python 2.7 for client_id=’cb281d918a37e346b45e9aea1c6eb7’ and client_secret=’a0f8a8b24de8b8182a0ddd2e89f5b1’:

from base64 import b64encode
client_id='cb281d918a37e346b45e9aea1c6eb7'
client_secret='a0f8a8b24de8b8182a0ddd2e89f5b1'
data = client_id + ':' + client_secret
# data = 'cb281d918a37e346b45e9aea1c6eb7:a0f8a8b24de8b8182a0ddd2e89f5b1'
data_b64_encoded = b64encode (data)


Example of a base64-encoded authorization header (the data_b64_encoded variable)
:

Y2IyODFkOTE4YTM3ZTM0NmI0NWU5YWVhMWM2ZWI3OmEwZjhhOGIyNGRlOGI4MTgyYTBkZGQyZTg5ZjViMQ==


Example of a request using a curl utility for client_id=cb281d918a37e346b45e9aea1c6eb7, where b64XXX is the base64-encoded authorization header:

curl -H 'Authorization: Basic b64XXX' -X POST https://api.admitad.com/token/ -d
'grant_type=client_credentials&client_id=cb281d918a37e346b45e9aea1c6eb7&scope=advcampaigns banners websites'


Example of request
:

POST /token/ HTTP/1.1
Host: api.admitad.com
Authorization: Basic b64XXX
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

grant_type=client_credentials&client_id=cb281d918a37e346b45e9aea1c6eb7&scope=advcampaigns banners websites

As a result of this request you will get a new access_token. The time to live of the token in seconds expires_in, refresh_token and additional information for users are returned as well:

{
"username": "webmaster1",
"first_name": "name",
"last_name"': "surname",
"language": "ru",
"access_token": "4b8b33955a",
"token_type": "bearer",
"expires_in": 604800,
"refresh_token": "ea957cce42",
"scope": "advcampaigns banners websites",
"group": "webmaster"
}