Reference Guides
      Back to home
      1. Knowledge Base
      2. Developers
      3. Reference Guides

      Authenticating your Application ⚡

      Now that you have your API key, you will need to create a 'bearer token' to complete the headers of your API call.

      The sequence to create a bearer token looks like:

      The application will be authenticated by the user account that created it, as the API Key is tied to a user ID

      This means that the user account with which the application was created will always show as the record creator when importing new records. You may want to consider creating a new user account - one that clearly identifies your application

      Scopes explained 

      Scopes define the permissions allowed by your application. 

      readUsersData 

      This scope is required for the application to view records, media, and collections. 

      User Story: The application shall be able to read any data available to the user who created the application.

      modifyUsersData 

      This scope is required for the application to view and modify records, media, and collections. 

      User Story: The application shall be able to modify any data available to the user who created the application.

      manageJobs 

      This scope is required for the application to view and manage jobs and workflows  

      User Story: The application shall be able to read any jobs visible to the user who created the application.

      roles 

      This scope is required for the application to search for a user or group 

      User Story: The application shall be able to view any users and groups visible to the user who created the application.

      createJobs 

      This scope is required for the application to create and manage workflow jobs

      User Story: The application shall be able to create and manage any jobs that are owned by the user who created the application. 

      modifyRoles 

      This scope is required for the application to modify users and email users 

      User Story: The application shall be able to modify any users where the user who created the application has the correct permissions

       

      Adding the scopes to your application

      Scopes must be assigned by the Imagen Media Control Centre before constructing your OAuth URL  

      OAuth URL construction

      The next step is to construct an OAuth URL to gain your bearer token. The arguments passed by this URL are shown below in greater detail:

      https://your_imagen_domain.com/oauth/authorize  Replace 'your_imagen_domain' with the FQDN of your Imagen domain
      ?response_type=token   (specifies that you are requesting a token in response)
      &client_id=[Your API key here]  Enter the API key (obtained in the previous section)
      &redirect_uri=urn:ietf:wg:oauth:2.0:oob&state=1 (specifies the default redirect value for an 'Installed Application')
      &scope=readUsersData modifyUsersData  Select the scopes required by your application. It is vital that you understand the scopes before constructing an OAuth URL. 

      Example OAuth URL:

      https://[your_imagen_domain.com]/oauth/authorize?response_type=token &client_id=[Your_API key_here]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&state=1&scope=[readUsersData modifyUsersData]

      User Story: The application shall be able to read and edit any data available to the user who created the application.

      👉 Want to go further? Check out a sample response