Authenticating your API calls

Foleon's API is secured with Bearer token authentication, which is a stateless, header-based authentication method where the client presents a pre-issued token to prove its identity. In order to obtain a Bearer token you first need to request API credentials. If you have the Enterprise package you can retrieve these API credentials through our support team, or by contacting your CSM.

Getting a Bearer token

After retrieving your API credentials (client_id and client_secret), you can exchange them for a Bearer token by sending a POST request to the OAuth endpoint with the credentials in the request payload.

Here is an example of a request retrieving a Bearer token in Python:

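import requests

# OAuth endpoint that issues Bearer tokens
url = "https://api.foleon.com/oauth"

# Client-credentials grant; replace the placeholders with your own API credentials
payload = {
  "grant_type": "client_credentials",
  "client_id": "xxxxx000x0",
  "client_secret": "X0xXx0X0xxX0XxXx0X0Xxx0xXx0xX0Xx0XxX0xX0xxX0XxXx0X0Xxx0xXx0xX0"
}

headers = {"Content-Type": "application/json"}

# A timeout keeps the call from hanging if the endpoint does not respond
response = requests.post(url, json=payload, headers=headers, timeout=10)
response.raise_for_status()  # stop on an HTTP error instead of parsing an error body

data = response.json()
print(data.get("access_token"))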

Using your Bearer token to authenticate calls

Now that we've obtained a Bearer token, we can send it in the Authorization header of our subsequent requests to authenticate them. For example, here is a call retrieving a Doc object:

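# Endpoint for a single Doc object (example ID)
url = "https://api.foleon.com/v2/magazine/edition/1234567"

# Send the token from the previous step in the Authorization header
headers = {"Authorization": f"Bearer {data.get('access_token')}"}

response = requests.get(url, headers=headers, timeout=10)
response.raise_for_status()  # stop on an HTTP error instead of parsing an error body

# Keep the Doc in its own variable so the token response in `data` is not overwritten
doc = response.json()
print(doc)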

Refreshing the token

A Bearer token has a limited lifetime of 1 hour. After the hour passes, the token becomes invalid and a new token needs to be requested with the same POST request to the OAuth endpoint. Be sure to take this into account when developing applications with longer or indefinite runtimes.
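
For a long-running application, one way to handle the 1-hour lifetime is to cache the token and request a new one shortly before it expires. The following is an added example, not Foleon's own code; the environment variable names FOLEON_CLIENT_ID and FOLEON_CLIENT_SECRET, the 60-second refresh margin and the TokenCache class are assumptions made for illustration.

```python
import os
import threading
import time

TOKEN_URL = "https://api.foleon.com/oauth"  # OAuth endpoint from this page
TOKEN_LIFETIME = 3600                       # seconds; the 1 hour stated on this page
REFRESH_MARGIN = 60                         # assumption: renew 60 s before expiry


def fetch_token():
    """Request a new Bearer token with the client-credentials payload shown above."""
    import requests  # imported here so the cache itself can be exercised offline

    payload = {
        "grant_type": "client_credentials",
        # Assumed variable names; reading them keeps the secret out of source code.
        "client_id": os.environ["FOLEON_CLIENT_ID"],
        "client_secret": os.environ["FOLEON_CLIENT_SECRET"],
    }
    response = requests.post(TOKEN_URL, json=payload, timeout=10)
    response.raise_for_status()
    return response.json()["access_token"]


class TokenCache:
    """Hands out a cached token and replaces it shortly before it expires."""

    def __init__(self, fetch=fetch_token, clock=time.monotonic):
        self._fetch = fetch
        self._clock = clock
        self._lock = threading.Lock()  # only one thread refreshes at a time
        self._token = None
        self._expires_at = 0.0

    def get(self):
        with self._lock:
            now = self._clock()
            if self._token is None or now >= self._expires_at - REFRESH_MARGIN:
                self._token = self._fetch()
                # Measured from before the request, so the estimate errs early.
                self._expires_at = now + TOKEN_LIFETIME
            return self._token

    def auth_headers(self):
        """Authorization header carrying a token that is still valid."""
        return {"Authorization": f"Bearer {self.get()}"}
```

Create one TokenCache for the whole application and pass `cache.auth_headers()` as the `headers` argument of each request, so every call carries a current token without requesting a new one each time.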