Authentication tokens

Introduction

Clients can opt to use tokens to avoid exposing server-side API calls to unauthorized parties. There are two types of tokens: static and dynamic.

If the token is incorrect or missing, you will receive a 401 response with the following content:

{"Status Message":"Unauthorized"}

Static tokens

  • Contact your technical representative: Reach out to your Technical Account Manager to have a token generated internally and shared with your team.
  • Authentication header: Add the token in the authentication header of your API calls.

Dynamic tokens

A dynamic token expires after a certain period. Every time it expires, you must make a new request to the authentication service to generate a fresh token.

  • Set up an app: Generate an API token by setting up an app in our developer portal. Follow the instructions here: Configuring Your API Application.
  • Share application ID: Share your application_id with your TAM. This ID will be used to set up our authentication server.
  • Authentication request: Make an authentication request as described here: Authentication.
  • Get token: You will receive a token that can be used to make calls to the ad delivery API.

Example of API calls with authentication

Static token example

curl -X GET "https://d.us.criteo.com/delivery/retailmedia" \
--data-urlencode "criteo-partner-id=12345" \
--data-urlencode "retailer-visitor-id=123" \
--data-urlencode "customer-id=456" \
--data-urlencode "event-type=viewHome" \
--data-urlencode "page-id=viewHome_API_desktop" \
-H "Authorization: Bearer YOUR_STATIC_TOKEN" \
-H "Referer: www.criteo.com" \
-H "X-Forwarded-For: 123.456.789.012" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"

Dynamic token example

  1. Request token
curl -X POST 'https://api.criteo.com/oauth2/token' \
-H 'content-type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=YOUR_CLIENT_ID' \
--data-urlencode 'client_secret=YOUR_CLIENT_SECRET'
  1. Use token
curl -X GET "https://d.us.criteo.com/delivery/retailmedia" \
--data-urlencode "criteo-partner-id=12345" \
--data-urlencode "retailer-visitor-id=123" \
--data-urlencode "customer-id=456" \
--data-urlencode "event-type=viewHome" \
--data-urlencode "page-id=viewHome_API_desktop" \
-H "Authorization: Bearer YOUR_DYNAMIC_TOKEN" \
-H "Referer: www.criteo.com" \
-H "X-Forwarded-For: 123.456.789.012" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"

What’s Next