Authentication
Authentication API endpoint
https://iotspot-m2mauth-prod.auth.eu-central-1.amazoncognito.com/
Our M2M and/or open API’s can only be called using token based authentication. Our API endpoints can
only be called using a temporarily (1 hour) valid access token. Another API endpoint should first be
called to get a valid token.
Please use the endpoints from the list below:
| Platform | Environment | URL |
|---|---|---|
| iotspot | prod | https://iotspot-m2mauth-prod.auth.eu-central-1.amazoncognito.com/oauth2/token |
Obtain Access Token
For each M2M API you will need to use the credentials of your Client App. To obtain an access token
perform the following request to the authentication location defined below. The API call has to be a
HTTP POST with the following settings.
[Client_id] and [Client_secret] values can be obtained via the Iotspot support desk (and in the near
future from the Control Center). In the Control Center, only by organization admins, these values can be
created, maintained, retrieved and removed. The values will always be only valid for that specific
organization.
#CURL Example request
curl --location --request POST 'https://iotspot-m2mauth-prod.auth.eu-central-1.amazoncognito.com/oauth2/token' \
--header 'Authorization: Basic XXXX' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=[Client_id]' \
--data-urlencode 'scope=iotspot/openapi' \
--data-urlencode 'grant_type=client_credentials'
Result example :
{
"access_token": "eyJraWQiOiJGZHFMUGJma3hoalNMbUdiRFZVU3BRXC94QytXYmh0SnhudXQwZGRPQ0RFdz0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI2dTEzcXZtaWlzazhvZjMwNGNmZGZ1YnEzcyIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiaW90c3BvdFwvb3V0bG9vayBpb3RzcG90XC9wcm9kdWN0aW9uIiwiYXV0aF90aW1lIjoxNjQ2MzM1MzcxLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAuZXUtY2VudHJhbC0xLmFtYXpvbmF3cy5jb21cL2V1LWNlbnRyYWwtMV9PaUVJWHFDUkciLCJleHAiOjE2NDYzMzg5NzEsImlhdCI6MTY0NjMzNTM3MSwidmVyc2lvbiI6MiwianRpIjoiM2ZiZGVlYjItYTBhNi00M2Q2LWE4MDItYjRlNTljMjk4ZWQ0IiwiY2xpZW50X2lkIjoiNnUxM3F2bWlpc2s4b2YzMDRjZmRmdWJxM3MifQ.f_8vwwlGU5PyivmfVjW0bYAyt7J4QJJx1dOXbfAVYCZ_Sa5eTiWXIbRxqb2WG0K63BvnOR3__wJj2iEQAE8ibkl712brlrPECwA5PwAjmKFa-sNISg4acaR4MmpKTOfpGqEVAejsh8O7s7XL8u-mn_0G6kx2S6lmB72D7iPVnUu4bgwD6vdmKYqR9djAj5eGSxYIAKKYYidcyMWZ58Fu5Un04eLuDQlHla5H6DiNoChm_UM9waiohXuWaknGF4CbRniAAUcZ5Xd6fBRkxdtpp0zRXy4AyAbekmKym05ypieNmYk3W7xeRTFvOEBQCbrU6AYacK6Iw4QQwKB032Q-gg",
"expires_in": 3600,
"token_type": "Bearer"
}
FORM PARAMETERS
XXXX = base64encode string [Client_id]:[Client_secret]
Use for example Base64 Decode and Encode
to get the base64 encoded string created from [Client_id]:[Client_secret]
Don’t forget to put the : in between client_id value and client_secret value
And take note that when filling the Authorization header the base64 encoded string value has to prefixed
with "Basic "
| Name | Where | Example |
|---|---|---|
| Authorization | Header | Basic XXXX |
| Content-Type | Header | application/x-www-form-urlencoded |
| client_id | Form param | [Client_id] |
| scope | Form param | iotspot/openapi |
| grant_type | Form param | client_credentials |
API Specifications
You can view the full API specs HERE.