Authentication

Authentication

In order to access any of the endpoints of the backend API the request needs to be authorized and an access token is required.
The access token can be retrieved from the Sygic Auth service.

Make sure you have client_id (e.g. com.myorg.myadmin) and client_secret (long string) at hand.
You can obtain it from your Sygic sales representative or contact us through our Contact form.

The token request needs to contain the following header:

Content-Type: application/json

Get Access token example

Request

POST https://auth.api.sygic.com/oauth2/token
Content-Type: application/json

{
  "client_id": "com.myorg.myadmin",
  "client_secret": "<your_client_secret>",
  "grant_type": "client_credentials"
}

Response

The response contains the access_token's expiration in seconds. You should use the same access_token until it ends and then refresh it.

{
    "access_token": "<your_access_token>",
    "token_type": "bearer",
    "expires_in": 108000,
    "refresh_token": "<your_refresh_token>"
}

Refresh example

Request

POST https://auth.api.sygic.com/oauth2/token
Content-Type: application/json

{
  "client_id": "com.myorg.myadmin",
  "client_secret": "<your_client_secret>",
  "grant_type": "refresh_token",
  "refresh_token": "<your_refresh_token>"
}

Response

You can now start using the new access token and dispose of the old one. Use the new refresh token for your next refresh.

{
    "access_token": "<your_new_access_token>",
    "token_type": "bearer",
    "expires_in": 108000,
    "refresh_token": "<your_new_refresh_token>"
}