Getting an authentication token

The Nexthink APIs rely on a specific HTTP authentication scheme called bearer authentication or token authentication. Get a token from the API using the Client Secret and Client ID generated earlier in the setup process.

Here are curl command examples:

zsh

curl --location "https://instance-login.region.nexthink.cloud/oauth2/default/v1/token" --header "Content-Type: application/x-www-form-urlencoded" --header "Authorization: Basic <Base64 encoded clientId:clientSecret>" --data-urlencode "grant_type=client_credentials" --data-urlencode "scope=service:integration"

powershell

$headers = @{
  "Content-Type"  = "application/x-www-form-urlencoded"
  "Authorization" = "Basic <Base64 encoded clientId:clientSecret>"
}
$body = @{
  "grant_type" = "client_credentials"
  "scope"      = "service:integration"
}

$response = Invoke-RestMethod -Uri 'https://instance-login.region.nexthink.cloud/oauth2/default/v1/token' `
  -Method 'POST' `
  -Headers $headers `
  -Body $body `
  -ContentType 'application/x-www-form-urlencoded'

$response | ConvertTo-Json

cmd

curl --location "https://instance-login.region.nexthink.cloud/oauth2/default/v1/token" --header "Content-Type: application/x-www-form-urlencoded" --header "Authorization: Basic <Base64 encoded clientId:clientSecret>" --data-urlencode "grant_type=client_credentials" --data-urlencode "scope=service:integration"

Replace instance by the name of the instance and region by the name of one of the following regions:

us for the United States
eu for the European Union
pac for Asia-Pacific
meta for the Middle East, Turkey and Africa

Replace <Base64 encoded clientId:clientSecret> with the Base64 token you generate from your clientId and clientSecret separated by a colon : .

Generating the Base64 token

In the example below, the value

q2tj2fvyevr4z9djhkilhlmj3yw39tqpg is the clientId, and
cwbxklimy4k7qtnxohpbnueaydsuuhoftqza8tfzkykf is the clientSecret.

The following examples show how to do this using the command-line interface (CLI)

zsh

echo -n q2tj2fvyevr4z9djhkilhlmj3yw39tqpg:cwbxklimy4k7qtnxohpbnueaydsuuhoftqza8tfzkykf | base64

powershell

[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("q2tj2fvyevr4z9djhkilhlmj3yw39tqpg:cwbxklimy4k7qtnxohpbnueaydsuuhoftqza8tfzkykf"))

cmd

powershell "[Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes(\"q2tj2fvyevr4z9djhkilhlmj3yw39tqpg:cwbxklimy4k7qtnxohpbnueaydsuuhoftqza8tfzkykf\"))"

If the call is successful, the response is as follows, and the access_token field contains the token.

{
    "token_type": "Bearer",
    "expires_in": 900,
    "access_token": "example",
    "scope": "service:integration"
}

The token has a 15-minute lifespan, after which you must request a new token.

Last updated 1 month ago

Was this helpful?