Authentication

All API requests must be authenticated using OAuth 2.0 Client Credentials flow. You will need to obtain a Client ID and Client Secret to generate an access token from Raa Labs' authentication service. This access token (a JSON Web Token) encapsulates the permissions (scopes) for your client, determining which time series data you are allowed to access. Include the token in the header of every API request.

API credentials

Client ID and Client Secret are the credentials for your API client. After you obtain these, use them to request an access token. The token grants access to the time series data permitted for your client.

Obtaining API credentials

To get a Client ID and Secret for the Raa Labs API, please contact our support team. You can request credentials by emailing [email protected]. Raa Labs will provide the necessary credentials for your client.

Getting an Access Token

Use the OAuth 2.0 Client Credentials grant to obtain an access token. This is done by making a POST request to the authentication endpoint with your Client ID and Client Secret. For example, using cURL:

curl -X POST "https://auth.raalabs.io/oauth2/token" \
     -u {YOUR_CLIENT_ID}:{YOUR_CLIENT_SECRET} \
     -d "grant_type=client_credentials"

Replace {YOUR_CLIENT_ID} and {YOUR_CLIENT_SECRET} with the credentials provided to you. This request returns a JSON response containing an access token (JWT). The token will look like a long string of characters.

Once you have the token, include it in the Authorization header of all API requests:

For example: Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOi...

Refreshing Access Tokens

Access tokens have a limited lifetime (by default, 1 hour). The expiration time is encoded within the token. After a token expires, you must request a new one by repeating the Client Credentials grant (i.e. call the /oauth2/token endpoint again with your Client ID and Secret). There is no separate "refresh token"; simply obtain a new access token when needed.