Authentication in InCountry
REST API Authentication
To authenticate in the REST API, you should get an OAuth2 access token and then provide it as an Authorization Bearer token in the REST API requests.
Creating an Access Token
To obtain an oAuth token, you should send a request to the authorization server with the credentials received on InCountry Portal.
Firstly, you need to determine AUTH_ENDPOINT for your country. Under the spoiler you can find available countries and corresponding auth servers.
Countries and auth endpoints
The following countries are supported by the InCountry platform.
| Country Code | Country |
|---|---|
| AE | United Arab Emirates |
| AU | Australia |
| CA | Canada |
| CN | China (Hong Kong) |
| DE | Germany |
| IN | India |
| RU | Russia |
| SA | Saudi Arabia |
| US | United States |
Please use the following access token endpoint for all operations in the countries above: https://idp.incountry.com/oauth2/token/. The legacy region-specific endpoints are also supported for backward compatibility: https://auth-emea.incountry.com/oauth2/token/ and https://auth-apac.incountry.com/oauth2/token/.
Updates & Accuracy
This data was current as of September 2024.
Please note that this may not be an exhaustive list. If you need more information, or you are interested in a data residency service in a country not listed above, please contact us at sales@incountry.com
The request template is the following:
- CURL
- Node.js
curl '{AUTH_ENDPOINT}' \
--user '{client_id}:{client_secret}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'User-Agent: Client-name' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'audience={restapi_url} {storage_url}' \
--data-urlencode 'scope={environment_id}'
const { default: axios } = require('axios');
const requestHeaders = {
'Accept': '*/*',
'Cache-Control': 'no-cache',
'Accept-Encoding': 'deflate, br',
'Connection': 'keep-alive',
'Content-Type': 'application/x-www-form-urlencoded',
};
const config = {
headers: requestHeaders,
responseType: 'json',
params: {
activate: true
},
auth: {
username: client_id,
password: client_secret,
}
};
const data = {
grant_type: 'client_credentials',
audience: `${restapi_url} ${storage_url}`,
scope: environment_id,
};
const response = await axios.post(`${AUTH_ENDPOINT}`, data, config);
return response.data;
You received client_id, client_secret, environment_id and restapi_url on the Step 3 of Prerequisites. To get storage_url, remove "-restapi" substring from the restapi_url. For example, if restapi_url=https://id-restapi-mt-01.api.incountry.io then storage_url=https://id-mt-01.api.incountry.io.
The User-Agent header is mandatory. You can set it to any value you want or leave it as the default if your HTTP client has one.
The response is defined as follows:
{
"access_token": <token>,
"expires_in": 300,
"scope": <environment_id>,
"token_type": "bearer"
}
Use access_token as a Bearer auth token for all subsequent requests to RestAPI.
Web Services Authentication
To authenticate in Web Services, if the service and endpoints are configured correctly, you don't need any special authentication. In Web Services, InCountry mostly relies on the authentication mechanisms of the application backend.