Generate JWT Authentication Token

JWT Authentication Tokens can be easily generated via a simple API call. The request to the token exchange should contain 4 key value pairs in the request body:

Key Description
client_id: Client ID provided by Riverty
client_secret: Client Secret provided by Riverty
audience: The audience defines which endpoints the token is to be used. Should always be set to https://api.horizonafs.io
grant_type: Is the method your application can gain the access token. Should always be set to client_credentials

The request should be sent using the header: Content-Type: application/x-www-form-urlencoded

Example Request

curl --location 'https://identity.riverty.io/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=ReplaceWithYourClientId' \
--data-urlencode 'client_secret=ReplaceWithYourClientSecret' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'audience=https://api.horizonafs.io'

Example Response

{
  "access_token": "eyJh...",
  "scope": "read_userprofile fullcontrol:user",
  "expires_in": 86400,
  "token_type": "Bearer"
}

The response body contains 4 properties:

Key Description
access_token: is the JWT token which holds all of your privileges and access rights. Do not expose this externally.
scope: is the permissions and access rights of the token
expires_in: is how long the JWT is valid for in seconds
token_type: is what kind of token the token is. In our responses it is specified Bearer which indicates that that you authenticate with a bearer token

Every call to our API requires an access token in order to be authorized and API requests are rejected if no authentication is used.

Example Request with Token

curl -X 'GET' \
  'https://api.riverty.io/subscription/v1/clients/your-client-id/subscriptions/subscription-id-1' \
  -H 'Authorization: Bearer eyJh...'