Link Search Menu Expand Document

Authentication

The Melodia API uses OAuth 2.0 open new tab to authenticate and authorize all requests. The authentication endpoint is located here:

https://auth.melodia.io/oauth2

Table of contents

Requirements

In order to authenticate your calls to Melodia’s API, you will need both of the following credentials:

  • API_KEY
  • CLIENT_SECRET

To obtain your credentials and learn more about our packages and pricing, please contact us at hi@melodia.io.

The following steps guide you on how to obtain an access token using your credentials in order to authenticate your API calls.

Step 1: Reuqest Access Token

Before you can make any calls to the Melodia API, you must first obtain an access token using your credentials. The following provides an example of how to make such a request:

>> curl -X POST --user API_KEY:CLIENT_SECRET 'https://auth.melodia.io/oauth2/token?grant_type=client_credentials' -H 'Content-Type: application/x-www-form-urlencoded'

The response will have the following form:

{
    "access_token": ACCESS_TOKEN,
    "expires_in": 3600,
    "token_type": "Bearer"
}

The access token provided in the response will be used to make a call to the API in the next step. Note that the access token is only valid for a finite duration after it has been retrieved as indicated by the ‘expires_in’ entry of the response (3600 seconds in the above example).

Step 2: Make Call to API

Once you have obtained an access token, you can start making requests to the API. To make a request, pass in the access token using the Authorization header as well as your API_KEY using the x-api-key header in the request. The following is an example of making a request with the appropriate headers:

>> curl -X POST 'https://api.melodia.io/v1/package.module?params' -H 'Authorization: Bearer ACCESS_TOKEN' -H 'x-api-key: API_KEY'

A successful response will look as follows:

{
    'statusCode': 200,
    'body': ...
}

Note that Access tokens expire after a certion period following their request. You can request a new access token by repeating Step 1.