Get Authentication Token

Get authentication token

curl --request POST \
  --url https://api.payrollintegrationsapp.com/v1/auth/token \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "grantType": "client_credentials"
}
'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "token_type": "Bearer",
  "expires_in": 3600
}

POST

auth

token

Get authentication token

curl --request POST \
  --url https://api.payrollintegrationsapp.com/v1/auth/token \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "grantType": "client_credentials"
}
'

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "token_type": "Bearer",
  "expires_in": 3600
}

Exchanges client credentials (client ID and client secret) for an access token using HTTP Basic Authentication. The client ID is used as the username and the client secret as the password, encoded as Base64 in the format: Basic base64(clientId:clientSecret). Authorization is done using the “Basic” format within the “Authorization” header. Assuming client id is “sean@example.com” and client secret is “MyVeryCoolSecretPleaseDontSteal”, the format of the unencoded string is as follows:

sean@example.com:MyVeryCoolSecretPleaseDontSteal

Then base64 encode the string (in javascript this is Window: btoa() method - Web APIs | MDN) to get the following:

c2VhbkBleGFtcGxlLmNvbTpNeVZlcnlDb29sU2VjcmV0UGxlYXNlRG9udFN0ZWFs

This can be done in the browser console with the methods btoa() and atob() to confirm these values during testing.

> btoa('sean@example.com:MyVeryCoolSecretPleaseDontSteal')
'c2VhbkBleGFtcGxlLmNvbTpNeVZlcnlDb29sU2VjcmVOUGxLYXNIRG9udFNOZWFs'

> atob('c2VhbkBleGFtcG×lLmNvbTpNeVZlcnlDb29sU2VjcmV0UGxlYXNIRG9udFNZWFs')
'sean@example.com:MyVeryCoolSecretPleaseDontSteal'

Authorizations

Authorization

string

header

required

HTTP Basic Authentication. Use your client ID as the username and client secret as the password.

Body

application/json

grantType

enum<string>

required

OAuth2 grant type

Available options:

client_credentials

Response

Authentication response with access token

accessToken

string

required

JWT access token

expiresIn

number

required

Token expiration time in seconds. Currently all tokens generated last 15 minutes.

tokenType

enum<string>

required

Type of the token

Available options:

Bearer

Glossary List Payroll Records

⌘I

API documentation

Authentication

Payroll Records

Employee Data

Employer Identifiers

Invites

Payroll Platforms

Users

Meta

Authorizations

Body

Response