Open Console
Home/UP42 API

Authentication

Get an access token to call endpoints.

Overview

The UP42 API uses token-based bearer authentication. Generate an access token to call API endpoints.

Step 1. Find project credentials

Step 2. Create a basic token

Step 3. Generate an access token

Step 4. Use your access token in API requests

Step 1. Find project credentials

Each API call is made at a project level.

  1. Go to Projects and select an existing project or create a new one.
  2. Go to the Developers tab in the project and copy the values of Project API Key and Project ID.

Don't share your credentials with others. They allow anyone to access your project and consume the UP42 credits associated with your account. If your credentials were compromised, generate a new API key.

Step 2. Create a basic token

  1. Create a project ID:API key combination by joining the project ID and its API key in one string, with a colon between the variables.
  2. Encode the combination to Base64 format.
  3. Add Basic to the beginning of the encoded string. An example:
Basic MWIwMDE1ZTMtY2M0Zi00ZGE2LTk3NjEtZmJhNzRiYTU3ZjY3OjFkSmVD==

Step 3. Generate an access token

Use the created basic token in a POST request to the /oauth/token endpoint:

POST /oauth/token HTTP/1.1
Host: api.up42.com
Authorization: {basic token}
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials

Add the grant_type=client_credentials string to the request. Otherwise, you'll receive the HTTP 415 Unsupported Media Type error.

See response example
{
  "data": {
    "accessToken": "eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0"
  },
  "access_token": "eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0",
  "token_type": "bearer"
}

Step 4. Use your access token in API requests

The majority of UP42 endpoints require an access token in the Authorization header. Those endpoints that allow requests without authentication provide access to publicly available information — for example, to a list of marketplace blocks.

Add the word Bearer before the access token. An example usage:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0

Access tokens are only valid for several minutes. Make sure you're not using an expired access token. Otherwise, you'll receive the HTTP 401 Unauthorized error.