Regardless of whether you are using API Token or OAuth2 access_token, all API endpoints are protected. In order to make an authenticate request you must provide the Authorization header.
In the case of API Token, it will be:
<aside> <img src="/icons/snippet_gray.svg" alt="/icons/snippet_gray.svg" width="40px" /> Authorization: idun_....
</aside>
In case of OAuth2 access_token:
<aside> <img src="/icons/snippet_gray.svg" alt="/icons/snippet_gray.svg" width="40px" /> Authorization: Bearer ey....
</aside>
To obtain an API Key is straight forward, you just need to email IDUN Support. To obtain the access token, you must implement the Oauth2 flow. Before implementing the Oauth2 flow, you must register your app with IDUN. You will need your app client id to complete the authentication flow.
You will need to send us your callback endpoints when registering your app.
Setting up authentication is relatively complex. We use AWS Cognito for user and access management. Before attempting this yourself, we recommend you get familiar with the documentation of AWS Cognito (https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html) and concepts of OAuth2 (https://www.oauth.com/)
If you still have trouble to set up authentication, we encourage you to contact IDUN support for further assistance.
For Security reasons we support only 2 OAuth Grant types: Authorization code grant and Client credentials grant.
Authorization code is the most common grant type.
For machine-to-machine (M2M) communications we also offer the possibility to use Client credentials grant with an app secret. For most scenarios, we recommend using the Client credentials grant. For more details on the Grant Types, please check out the AWS Documentation (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html)
We do not currently support self-account creation or MFA Authentication. We do provide a hosted UI to sign in into IDUN Cloud platform and we recommend to use that. (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-hosted-ui-user-sign-in.html)
For production, please use this domain: