Skip to main content

Authentication in InCountry

REST API Authentication

To authenticate in the REST API, you should get an OAuth2 access token and then provide it as an Authorization Bearer token in the REST API requests.

Creating an Access Token

To obtain an oAuth token, you should send a request to the authorization server with the credentials received on InCountry Portal.

Firstly, you need to determine AUTH_ENDPOINT for your country. Under the spoiler you can find available countries and corresponding auth servers.

Countries and auth endpoints

The following countries are supported by the InCountry platform.

Country CodeCountry
AEUnited Arab Emirates
AUAustralia
CACanada
CNChina (Hong Kong)
DEGermany
INIndia
RURussia
SASaudi Arabia
USUnited States
note

Please use the following access token endpoint for all operations in the countries above: https://idp.incountry.com/oauth2/token/. The legacy region-specific endpoints are also supported for backward compatibility: https://auth-emea.incountry.com/oauth2/token/ and https://auth-apac.incountry.com/oauth2/token/.

Updates & Accuracy

This data was current as of September 2024.

note

Please note that this may not be an exhaustive list. If you need more information, or you are interested in a data residency service in a country not listed above, please contact us at sales@incountry.com

The request template is the following:

curl '{AUTH_ENDPOINT}' \
--user '{client_id}:{client_secret}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'User-Agent: Client-name' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'audience={restapi_url} {storage_url}' \
--data-urlencode 'scope={environment_id}'

You received client_id, client_secret, environment_id and restapi_url on the Step 3 of Prerequisites. To get storage_url, remove "-restapi" substring from the restapi_url. For example, if restapi_url=https://id-restapi-mt-01.api.incountry.io then storage_url=https://id-mt-01.api.incountry.io.

note

The User-Agent header is mandatory. You can set it to any value you want or leave it as the default if your HTTP client has one.

The response is defined as follows:

{
"access_token": <token>,
"expires_in": 300,
"scope": <environment_id>,
"token_type": "bearer"
}

Use access_token as a Bearer auth token for all subsequent requests to RestAPI.

Web Services Authentication

To authenticate in Web Services, if the service and endpoints are configured correctly, you don't need any special authentication. In Web Services, InCountry mostly relies on the authentication mechanisms of the application backend.