Sections

Authentication

The following guide will show you how to perform the authorization needed to access our APIs. You’ll first need to register and be approved to access your organization’s Beeline VMS information before you can begin calling APIs. To start using the APIs, you will need to tell the system you are allowed to do so.

Beeline utilizes the OAuth protocol that enables a token-based authentication workflow, and lets you call the APIs in a test environment. OAuth uses access tokens for accessing APIs. A token represents a permission that is granted to a client to access protected resources. The method to acquire a token is called a grant.

Haven't registered yet? Before you can authenticate, head to the Getting Started page to request access and follow the instructions to begin calling Beeline APIs.

Get Started

Authentication Process

1
Locate your Client ID and Client Secret

To find your Client ID and Client Secret after obtaining approval, follow the instructions below:

  1. Login to the Beeline VMS
  2. Click the Help icon in the upper right-hand corner, and select API Authentication from the drop-down list
  3. Scroll down to the Auth0 Credentials field to view the Client ID and Client Secret
2
Generate an access token

To request an access token, you first need to send a POST request with the following body parameters to the authorization server. In the POST request, the “audience” will be the base URL for the API you are using. See below for examples of the body parameters:

Authorization server URL: https://azure-prj.auth.beeline.com/oauth/token
Example parameters for the Client Onboarding API:
        {
            "client_id":"myid",
            "client_secret":"mysecret",
            "audience":"https://edge.beeline.com/client-onboarding",
            "grant_type":"client_credentials"
        }

When requesting a token for other APIs (e.g. worker, reporting), use the corresponding audience for that API. Refer to the API Products page for the appropriate audience.

Please be sure not to commit your ClientID and your Client Secret as these are strictly private.
The authorization server will respond with a JSON object containing the following properties:
            {
                "access_token": "your_token_would_be_here",
                "expires_in": 1800,
                "token_type": "Bearer"
            }

Access tokens expire 30 minutes after they are issued. A new token can be obtained by making a request for a new access token, similar to the initial access token.

3
Call the API using the access token

Once the token is obtained, you are ready to perform your API calls. To access the API you want, you need to add the authorization header to your requests with the value Bearer {access_token}, where access_token is the token you have just obtained:

Authorization: Bearer (access_token)

Once your application is ready to be used, you might consider moving it to a production environment. Check the authorization email you received for instructions on enablement in a production environment.

Need Support? Let us know!

Do you need help or have questions about our APIs? Do you have any suggestions or specific requirements? Let us know:

Contact Us