Client Credentials
Availability: All Customers
Alloy will POST a request to the client’s authorization server using the client_id and client_secret.
Note an authorization header derived from client_id and client_secret will be sent with every request, see Basic Authentication
POST /oauth2/token
Authorization: Basic QTdLNFg5VDJNQjpMME41QzhWMVFa
Content-Type: application/json
{
"grant_type": "client_credentials",
"client_id": "A7K4X9T2MB",
"client_secret": "L0N5C8V1QZ"
}Authorization server responds with an access_token:
{
"access_token": "abc123",
"token_type": "Bearer",
"expires_in": 3600
}Alloy will POST request to client’s webhook endpoint using the access_token:
POST /webhook-endpoint
Authorization: Bearer abc123
Content-Type: application/jsonExample webhook configuration:
Updated 15 days ago