Skip to main content

Authentication

Geoff Tsai
  • Updated

Before you are able to use the Oovvuu API you will need to have a user set up on the Oovvuu Compass platform. To do this you will need to go to: https://compass.oovvuu.media, create your account and then you are able to proceed.

You will need to register your account with the email domain that is registered for your organisation. This ensures you will have the correct permissions

 

Tokens

The authentication within the Compass application is done using Auth0, and you can pass authentication details through to the Public API. 

Generate Tokens

You are able to find out about the JWT tokens from Auth0:

https://auth0.com/docs/tokens

When you are familiar with how tokens work you are able to generate the token in various methods

 

Using Compass

If you wish to get a token for testing you are able to generate one by using your browser and navigating to

https://compass.oovvuu.media/dev

 

Using the SDK

The easiest way to get the token for your application is to use the provided SDKS:

https://auth0.com/docs/libraries#sdks

 

Using Curl

This is a multi part process, you will need to start by using your browser and navigating to the Auth0 authorize endpoint. This is so that you can login to identify you as an user and obtain the authorization code.

  • use the browser and navigate to :

https://oovvuu-production.au.auth0.com/authorize?response_type=code&client_id=[CLIENT_ID]&scope=offline_access&audience=https://api.prod.oovvuu.io&redirect_uri=[CALLBACK_URL]&state=something_we_make_up_per_request

  • using the browser you will see a response that includes the code, take a copy of this code as you will need it in the next step

  • you are then able to use curl to get the Authorization Token and Refresh Token

curl --location --request POST \
--url 'https://oovvuu-production.au.auth0.com/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id=[CLIENT_ID]' \
--data-urlencode 'client_secret=[CLIENT_SECRET]' \
--data-urlencode 'redirect_uri=[CALLBACK_URL]' \
--data-urlencode 'code=[CODE FROM PREVIOUS STEP]'

  • you will then need to extract the Auth Token and the Refresh Token from the returned JSON

 

Auth0 Audience

the audience to use will be the Auth0 Oovvuu Public API callback, this can be found on

https://api.prod.oovvuu.io

 

Client ID and Secret

The client ID and secret are provided by Auth0 and are required if you wish to use any of the public authentication libraries for retrieving your own tokens. This is often the case when you are creating a custom CMS plugin or programatically connecting to the Public API.

These will be provided to the administrator of the account upon request, please contact your Oovvuu representative to get this information

 

Use the Token

We use JWT tokens provided by Auth0, which can be added to the Authorization header in the form of

bearer {token}

 

Related articles