Skip to main content
This API uses OAuth2 Client Credentials authentication provided by AWS. This method is designed for server-to-server communication, where no end-user is directly involved. Instead, the client application authenticates itself using a Client ID and Client Secret.
  1. Obtain Client Credentials You will be provided with:
  • URL
  • Client ID
  • Client Secret These values are generated by Involve and will uniquely identify and secure your application.
  1. Request an Access Token
Send a POST request to the SQOD token endpoint: 
POST https://auth.app.sqod.co.uk/oauth2/token
Content-Type: application/x-www-form-urlencoded
Authorization: Basic <base64(client_id:client_secret)>
Including the following request body: 
{"grant_type": "client_credentials"}
  1. Receive an Access Token
A successful response looks like this: 
{
  "access_token": "eyJraWQiOiJhb...",
  "expires_in": 3600,
  "token_type": "Bearer"
}
access_token – The token used to authorize API requests expires_in – Token lifetime in seconds (3600 = 1 hour) token_type – Always "Bearer"
  1. Call the API with the Token
When sending a request you’ll need to include the token in the Authorization header when calling the API: 
{"Authorization": "Bearer eyJraWQiOiJhb..."}
Example Request 
GET https://api.yourcompany.com/v1/resource
Authorization: Bearer eyJraWQiOiJhb...