GuidesAPI ReferenceChangelog
GuidesAPI ReferenceChangelogLog In


  • To get started with our APIs, use the endpoint below to generate an Access Token with your API credentials
  • The Access Token is a Bearer token to be included in the Authorization Header of all API requests
  • Multiple tokens may be generated and each are valid for 15 minutes, or 900 seconds


  • POST Generate an Access Token


Generate another access token when it expires, signaled by a 401 Unauthorized HTTP status code


client_id stringPlease see below for instructions on getting your credentials through Developer Dashboard
client_secret stringPlease see below for instructions on getting your credentials through Developer Dashboard
grant_type stringMust be client_credentials

Generate an Access Token

  • This endpoint generates a new access token using your API credentials
  • To comply with the OAuth2 standards of using client_credentials, Criteo API authorization now supports Content-Type: 'application/x-www-form-urlencoded'. See the example below.
// Sample Request
curl --location --request POST ''   --header 'Content-Type: application/x-www-form-urlencoded'   --data-urlencode 'client_id=CLIENT_ID'   --data-urlencode 'client_secret=CLIENT_SECRET'   --data-urlencode 'grant_type=client_credentials'
// Sample Response
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA",
    "token_type": "Bearer",
    "expires_in": 900


Mandatory Content-Type header

Please ensure you include Content-Type: application/x-www-form-urlencoded header in your call to /oauth2/token endpoint.

Use an Access Token

  • Once you have obtained your access token, you can authenticate all subsequent requests by including an Authorization HTTP header, as in the example below:

Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA
Accept: text/plain
Content-Type: application/*+json

Get your credentials through the Developer Portal (self-service)

  • To get your credentials, you need to create a Criteo account and then create an Organization and an App within the Developer Dashboard
  • Learn how to create an Organization and an App in these related articles Create your organization and Create your app
  • Once you have created an App you will be able to generate a set of Credentials through the following dashboard:
  • 💡 When creating a set of Credentials, you will automatically download a file with your API Key and API Secret like this
  • Make sure to keep your API Secret saved somewhere secure. We can only share the API Secret once with you!
  • You can use this dashboard to manage your API keys. You can also delete an API key from this dashboard. The key will stay valid for fifteen minutes before deactivating
  • 💡 You can change the name of your set of credentials by clicking directly on the credentials name in the dashboard. For example, Troubleshooting Credentials or Production Credentials
  • 💡 You will be limited to five API credentials for an App (for ex. one for production, one for troubleshooting, and three others for any other use cases you'd like)

What’s Next