Croissant uses the OAuth client credential flow for HTTP authentication. During the onboarding process, you will receive a client ID and a client secret. The client ID and secret can then be used to call the POST /token endpoint:
curl --location --request POST 'https://api.retailer.croissant.com/v0/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"clientId": "<YOUR_CLIENT_ID>",
"clientSecret": "<YOUR_CLIENT_SECRET>"
}'
If the client ID and secret are valid, the response of the HTTP request should look like the following:
{
"access_token": "<YOUR_ACCESS_TOKEN>",
"expires_in": 3600,
"token_type": "Bearer"
}
The access_token may then be used for authenticated endpoints by setting the Authorization header:
Authorization: Bearer <YOUR_ACCESS_TOKEN>