Authentication

Get an access token to call endpoints.


Overview

The UP42 API uses token-based bearer authentication. Generate an access token to call API endpoints.

Generate an access token

Use the /oauth/token endpoint:

POST /oauth/token HTTP/1.1
Host: api.up42.com
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=<your-email>&password=<your-password>

Create a request body as follows:

  1. Include a Content-Type header and set its value to application/x-www-form-urlencoded.
  2. Retrieve the email address and password used for logging into the console. Use them as values in the following parameters:
    • Set the value of the username parameter to your email address.
    • Set the value of the password parameter to your password.
  3. Add the grant_type=password string to the request. Don't change the password value.
See response example
{
  "data": {
    "accessToken": "eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0",
    "refreshToken": "JqdGkiOiI1ODdkMTQ3MyeyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc00VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLC"
  },
  "access_token": "eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0",
  "refresh_token": "JqdGkiOiI1ODdkMTQ3MyeyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc00VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLC",
  "token_type": "bearer"
}

You will need the access token.


Use your access token in API requests

The majority of UP42 endpoints require an access token in the Authorization header. Those endpoints that allow requests without authentication provide access to publicly available information — for example, to a list of marketplace blocks.

Add the word Bearer before the access token. An example usage:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0eyJ0eXAiOiJKV1QiLCJraWQiOiIxIiwidG9rZW5fdHlwZSI6IkFDQ0VTUyIsImFsZyI6IlJTNTEyIn0eyJpc3MiOiJiYWNrZW5kLWNvcmUiLCJqdGkiOiI1ODdkMTQ3My05ODU5LTRhMDAtYTUwNS1iZTgwMDUzYmJiMzUiLCJpYXQiOjE1NzU5NzE1ODEsInN1YiI6IjFiMDAxNWUzLWNjNGYtNGRhNi05NzYxLWZiYTc0

Access tokens are only valid for several minutes. Make sure you're not using an expired access token. Otherwise, you'll receive the HTTP 401 Unauthorized error.

Troubleshooting

I'm getting an HTTP 415 Unsupported Media Type error

The authentication request contains unspecified media types. Resolve this issue as follows:

  • In the request header, add Content-Type: application/x-www-form-urlencoded.
  • In the request body, add grant_type=password. Don't change the password value.