Authentication in InCountry
REST API Authentication
To authenticate in the REST API, you should get an OAuth2 access token and then provide it as an Authorization Bearer token in the REST API requests.
Creating an Access Token
To obtain an oAuth token, you should send a request to the authorization server with the credentials received on InCountry Portal.
Firstly, you need to determine AUTH_ENDPOINT
for your country. Under the spoiler you can find available countries and corresponding auth servers.
Countries and auth endpoints
The following documentation lists the country codes supported by the InCountry platform.
This data was current as of April 2024.
Americas, Europe, Middle East, Africa, India
Please use the following authorization endpoint when writing regulated data to the countries of this region: https://idp.incountry.com/oauth2/token/
or https://auth-emea.incountry.com/oauth2/token/
Country Code | Country |
---|---|
CA | Canada |
US | United States |
DE | Germany |
RU | Russia |
AE | United Arab Emirates |
SA | Saudi Arabia |
IN | India |
Asia & Asia-Pacific (except India)
Please use the following authorization endpoint when writing regulated data to the countries of this region: https://auth-apac.incountry.com/oauth2/token/
Country Code | Country |
---|---|
AU | Australia |
CN | China (Hong Kong) |
Updates & Accuracy
Please note that this may not be an exhaustive list. For more information, please contact us at sales@incountry.com
The request template is the following:
curl '{AUTH_ENDPOINT}' \
--user '{client_id}:{client_secret}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'User-Agent: Client-name' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'audience={restapi_url} {storage_url}' \
--data-urlencode 'scope={environment_id}'
const { default: axios } = require('axios');
const requestHeaders = {
'Accept': '*/*',
'Cache-Control': 'no-cache',
'Accept-Encoding': 'deflate, br',
'Connection': 'keep-alive',
'Content-Type': 'application/x-www-form-urlencoded',
};
const config = {
headers: requestHeaders,
responseType: 'json',
params: {
activate: true
},
auth: {
username: client_id,
password: client_secret,
}
};
const data = {
grant_type: 'client_credentials',
audience: `${restapi_url} ${storage_url}`,
scope: environment_id,
};
const response = await axios.post(`${AUTH_ENDPOINT}`, data, config);
return response.data;
You received client_id
, client_secret
, environment_id
and restapi_url
on the Step 3 of Prerequisites. To get storage_url
, remove "-restapi" substring from the restapi_url
. For example, if restapi_url=https://id-restapi-mt-01.api.incountry.io
then storage_url=https://id-mt-01.api.incountry.io
.
The User-Agent header is mandatory. You can set it to any value you want or leave it as the default if your HTTP client has one.
The response is defined as follows:
{
"access_token": <token>,
"expires_in": 300,
"scope": <environment_id>,
"token_type": "bearer"
}
Use access_token
as a Bearer auth token for all subsequent requests to RestAPI.
Web Services Authentication
To authenticate in Web Services, if the service and endpoints are configured correctly, you don't need any special authentication. In Web Services, InCountry mostly relies on the authentication mechanisms of the application backend.