Authentication

You'll need to authenticate your requests to access any of the endpoints in the VEO API. In this guide, we'll look at how authentication works.

Getting an access token

Before you get a token, you'll need a client ID and secret for your application. If you've not got these yet then please speak to your VEO representative.

Again, much like the API, we offer environments for your production code and for your development needs. You'll need a seperate Client ID and secret for each of these environments:

• for Production use https://tokenapi.veo.co.uk/oauth2/token.
• for Development and testing use https://tokenapiuat.veo.co.uk/oauth2/token.

To get a token you must perform a x-www-form-urlencoded post to the appropriate endpoint from above including the following form fields:

• Username - your VEO username
• Password - your VEO Password
• Grant_type - the specific value password
• Client_id - your client ID as given to you by your VEO representative.

curl --location 'https://tokenapi.veo.co.uk/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Username={your_email_address}' \
--data-urlencode 'Password={your_password}' \
--data-urlencode 'Grant_type=password' \
--data-urlencode 'Client_Id={your_client_id}'

The resulting response should be a 200 status code with the following body:

{
    "access_token": "{your_token}",
    "token_type": "bearer",
    "expires_in": 1209599
}

API requests with OAuth2 bearer token

The recommended way to authenticate with the VEO API is by using OAuth2. When establishing a connection using OAuth2, you will need your access token — which you will retrieve by making an OAuth 2 request to the authorization server. More on this later. Here's how to add the token to the request header using cURL:

curl https://api.veo.co.uk/api/users \
  -H "Authorization: Bearer {token}"

Always keep your token safe and reset it if you suspect it has been compromised.