
Authentication

  • To get started with our APIs, use the endpoint below to generate an Access Token with your API credentials or authorization code.
  • The Access Token is a Bearer token to be included in the Authorization header of all API requests.
  • Multiple tokens may be generated, and each is valid for 15 minutes, or 900 seconds.

Endpoint

  • POST https://api.criteo.com/oauth2/token Generate an Access Token

📘

Generate another access token when it expires, signaled by a 401 Unauthorized HTTP status code

Parameters

| Parameter | Type | Description |
|---|---|---|
| client_id | string | Please see below for instructions on getting your credentials through Developer Dashboard |
| client_secret | string | Please see below for instructions on getting your credentials through Developer Dashboard |
| grant_type | string | Must be client_credentials or authorization_code |
| code | string | Only for Authorization Code apps. Authorization code returned during redirection |
| redirect_uri | string | Only for Authorization Code apps. Must match the redirect_uri used for the authorization request. |

Generate an Access Token

  • This endpoint generates a new access token using your API credentials or authorization code.
  • To comply with the OAuth2 standard for the client_credentials grant, Criteo API authorization supports Content-Type: application/x-www-form-urlencoded. See the example below.
POST https://api.criteo.com/oauth2/token
// Sample Request
  
curl --location --request POST 'https://api.criteo.com/oauth2/token' \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'client_id=CLIENT_ID' \
  --data-urlencode 'client_secret=CLIENT_SECRET' \
  --data-urlencode 'grant_type=client_credentials'
 
// Sample Response
  
{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA",
    "token_type": "Bearer",
    "expires_in": 900
}

🚧

Mandatory Content-Type header

Please ensure you include the Content-Type: application/x-www-form-urlencoded header in your call to the /oauth2/token endpoint.

Use an Access Token

  • Once you have obtained your access token, you can authenticate all subsequent requests by including an Authorization HTTP header, as in the example below:
GET https://api.criteo.com/2020-10/advertisers/me

Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA
Accept: text/plain
Content-Type: application/*+json

📘

OAuth Flow

You can find more details about how to implement OAuth flow for the different authentication methods in OAuth implementation guides.