Authentication
- To get started with our APIs, use the endpoint below to generate an Access Token with your API credentials or authorization code.
- The Access Token is a Bearer token to be included in the Authorization Header of all API requests
- Multiple tokens may be generated and each is valid for 15 minutes, or 900 seconds
Endpoint
POST https://api.criteo.com/oauth2/tokenGenerate an Access Token
Generate another access token when it expires, signaled by a
401 UnauthorizedHTTP status code
Parameters
| Parameter | Description |
|---|---|
client_id string | Please see below for instructions on getting your credentials through Developer Dashboard |
client_secret string | Please see below for instructions on getting your credentials through Developer Dashboard |
grant_type string | Must be client_credentials or authorization_code |
code string | Only for Authorization Code apps. Authorization code returned during redirection |
redirect_uri string | Only for Authorization Code apps. Must match the redirect_uri used for the authorization request. |
Generate an Access Token
- This endpoint generates a new access token using your API credentials or authorization code.
- To comply with the OAuth2 standards of using client_credentials, Criteo API authorization supports Content-Type: 'application/x-www-form-urlencoded'. See the example below.
POST https://api.criteo.com/oauth2/token
// Sample Request
curl --location --request POST 'https://api.criteo.com/oauth2/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=CLIENT_ID' --data-urlencode 'client_secret=CLIENT_SECRET' --data-urlencode 'grant_type=client_credentials'
// Sample Response
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA",
"token_type": "Bearer",
"expires_in": 900
}
Mandatory Content-Type header
Please ensure you include Content-Type: application/x-www-form-urlencoded header in your call to /oauth2/token endpoint.
Use an Access Token
- Once you have obtained your access token, you can authenticate all subsequent requests by including an
AuthorizationHTTP header, as in the example below:
GET
https://api.criteo.com/2020-10/advertisers/me
Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IkVuTTBCZkFELUFrNXZwOU9RMW1ZWXR6T2RaMUVad2RWaHY5T3Z2cVA3YVUiLCJ0eXAiOiJKV1QifQ.eyJjdHg6dXNlcjpkaXNwbGF5TmFtZSI6IkJvYmJ5IFNpYW8gTGVpIEhhbiIsImN0eDp1c2VyOmVtYWlsIjoiYi5oYW5AY3JpdGVvLmNvbSIsImN0eDp1c2VyOnVpZCI6ImIuaGFuIiwiY3R4OnVzZXI6dW1zSWQiOiIzMjM4ODQiLCJzdWIiOiJ1Omk6Yi5oYW5AY3JpdGVvLmNvbSIsImlhdCI6MTYwMTQwNDM1NSwiZXhwIjoxNjAxNDA1MzE1LCJhZGQ6bWFwaTp1bmFtZSI6ImIuaGFuIiwic2NvcGUiOiJnYXRld2F5IiwiY2xpZW50X2lkIjoiYi5oYW4iLCJuYmYiOjE2MDE0MDQ0MTUsImlzcyI6ImNyaXRlby1leGFtb2F1dGgifQ.OI1W8utCbR2a2VbkxOZZaP2JyQ4b8Kf9R2x_yGRp9jjqclvm8huC_iHb9AECLmYVMUYWojvmbIOk0j0BRfLf1xYoOAIvNbcWN-SsrkYOXVh9mYruwOfKJb0t6j8MW7u03PbfvSRtn_29ar3V-7rimDqdMR_iTVhTlBLI0W3jSOCjzKK9sbg0REwtneBu4V3dFLaLNIxXj5EtyaTpLB3v71smFljBHtUC1Go8wRUX2P_GZfWYJCZhatx0xsN46oS8aGQl3a6N4nh4cqdJNA83Y44LYEKpky0ZmBwC9D5j9rpC-BDkUaeWlgkVSicy6yWh-S06JC4e3pJwUHskUMvoiA
Accept: text/plain
Content-Type: application/*+json
OAuth Flow
You can find more details about how to implement OAuth flow for the different authentication methods in OAuth implementation guides.
Updated 7 months ago