As described in the API Reference, some endpoints require administrative authentication. These endpoints are clearly labeled with a red banner which lists the authorisation scopes required.
If you need to interact with these API endpoints from your own code or integration the usual method of obtaining an administrative access token is through a OAuth2 client credentials grant. With this authentication method the process is as follows:
- Request admin access token using your client credentials
- Pass the returned access token as a Bearer token in Authorization header of your request to the WLL API.
To obtain your client credentials please raise a support request detailing your intended usage.
Code Examples
In the following examples you should replace $YOUR_SECRET and $YOUR_ID with your own client secret and client ID respectively.
cURL
curl --request POST \
--url https://auth.wlloyalty.net/oauth/token \
--header 'content-type: application/json' \
--data '{"client_id":"$YOUR_ID","client_secret":"$YOUR_SECRET","audience":"wlloyalty.net","grant_type":"client_credentials"}'
Node.js
const request = require('request');
request(
{
method: 'POST',
url: 'https://auth.wlloyalty.net/oauth/token',
headers: { 'content-type': 'application/json' },
body: JSON.stringify({
client_id: '$YOUR_ID',
client_secret: '$YOUR_SECRET',
audience: 'wlloyalty.net',
grant_type: 'client_credentials',
}),
},
(error, response, body) => {
if (error) throw new Error(error);
console.log(body);
}
);
C#
var client = new RestClient("https://auth.wlloyalty.net/oauth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"client_id\":\"$YOUR_ID\",\"client_secret\":\"$YOUR_SECRET\",\"audience\":\"wlloyalty.net\",\"grant_type\":\"client_credentials\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);