Authentication

All of our APIs use OAuth 2.0 for authentication. To make API requests you will need a valid access token.
Client Credentials grant type is used to authenticate the client instead of asking for authorization from the user.
Each time you create an app you will be issued a set of credentials (client_id, client_secret) that you can use to authenticate your API calls using the OAuth 2.0 protocol. The client ID is considered public information. The client secret must be kept confidential. If a deployed app cannot keep the secret confidential, such as Javascript or native apps, then the secret should not be used.

The application sends a POST request to the authorization server, passing both the client_id and the client_secret in the body. The server replies with the token if the client credentials are valid.

SAMPLE REQUEST


POST https://api.optimalresume.com/oauth HTTP/1.1
Accept: application/json
{
"grant_type": "client_credentials",
"client_id": "CLIENT_ID",
"client_secret": "CLIENT_SECRET"
}


curl -X POST https://api.optimalresume.com/oauth \
-H "Accept: application/json;" \
-u "CLIENT_ID:CLIENT_SECRET" \
-d "grant_type=client_credentials"

SAMPLE RESPONSE


{
"access_token": "61e7ab831ede2641cb43b0a9c5a826b02e962a13c1",
"expires_in": 36000,
"token_type": "Bearer",
"scope": null
}

GENERATE ACCESS TOKEN

Parameter Type Value Default Value Description
client_id
required
string The OAuth 2.0 client ID for your application. The value is displayed on my apps page
client_secret
required
string The client secret associated with your client ID. The value is displayed on my apps page