Authorization & Token Handling

The more safety way to access the data through the api is to use a client id, client secret and a redirect url. 

Client Id and Client Secret

After creating the api access entry, a client secret will be created.

Fetching Access Token

After creating the client id and client secret, it's possible to fetch the access token by this:

[NLESS.IO Url]/nless/AccessToken/Authenticate?client_id=...&client_secret=...&redirect_uri=https://nless.io&response_type=token

If every parameter is correct, the request will be redirect to the redirect uri with a new parameter "access_token", which contains a valid api access token.

⚠️ The access token is valid for 60 minutes.

 

Access Data

Two ways of using the access token to fetch datas:

  1. Request Header "Authorization" with the access token as value eg "Bearer TOKEN"
  2. Query String "access_token"