This type of authorization is universal and can be used for all version of our APIs.
Authorization is the same for every API method. Access token, required for authorization, is generated by request to IDM. Token is valid for 60 minutes. It is recommended to generate token before every request (including batch request). Authorization requires login information:
client_id
client_secret
username
password
Login information is provided by Alza for both test and production environments.
Request
curl --location --request POST "https://identitymanagement.phoenix.alza.cz/connect/token" --header "Accept: application/json" --header "Content-Type: application/x-www-form-urlencoded" --data-urlencode "grant_type=password" --data-urlencode "scope=konzole_access" --data-urlencode "client_id=xxxCLIENT_IDxxx" --data-urlencode "client_secret=xxxCLIENT_SECRETxxx" --data-urlencode "username=xxxPARTNERxxx" --data-urlencode "password=xxxPASSWORDxxx"
Response
{ "access_token": "eyJ...", "expires_in": 3600, "token_type": "Bearer", "scope": "konzole_access" }