Login
Contents x
Authentication
  • 17 Oct 2023
  • 1 Minute to read
  • Dark
    Light
Contents

Authentication

  • Updated on 17 Oct 2023
  • 1 Minute to read
  • Dark
    Light
Article Summary

Torq REST API uses bearer tokens to authenticate requests. You generate a bearer token by sending a request to the Torq authentication server. In the request to the authentication server you'll provide your Torq API key, which consists of a client id and client secret. After a successful request to the authentication server you'll receive a bearer token that you will pass in the Authorization header for all Torq API requests.

🗒️ NOTE
A bearer token is valid for one hour (3,600 seconds).

Create an API key

The API key consists of a client_id and client_secret . These credentials are used to authenticate when you request a bearer token.

API keys are workspace-specific. This means that requests are made on the workspace where the API key used to create the bearer token was created. Make sure the API key you're using to generate the bearer token was created in the workspace you want to run the requests on.

  1. In Torq, click your workspace icon/avatar.
  2. Click API Keys > Create API Key.
  3. Give the API key a meaningful name and click Create.
  4. Copy the Client ID and Client Secret to a safe place. You won't be able to access the Client Secret later.

Generate a bearer token

To generate the bearer token, send a request to the endpoint: https://auth.torq.io/v1/auth/token . See the sample request below for the full request.

Replace <CLIENT_ID>_and _<_CLIENT_SECRET> with the client ID and client secret you received when you created the API key.

Sample request - cURL

curl POST https://auth.torq.io/v1/auth/token -H "Accept: application/json"  -H "Accept-Language: en_US"  -u "<CLIENT_ID>:<CLIENT_SECRET>"  -d "grant_type=client_credentials"

Sample response - cURL

The bearer token is the value of the access_token key.

You will pass this token in the authorization header for all API requests: Authorization: Bearer <token> .

{"access_token":"81b15ad9-****-2245-****-f05p37053b25","expires_in":3600,"token_type":"Bearer"}

Sample request - Torq

You can generate the bearer token in Torq by using the Send an HTTP Request step. You need to add a body field for the grant type.

FieldValue
URLhttps://auth.torq.io/v1/auth/token
MethodPOST
AuthorizationBasic
UsernameThe client_id you received when you created the API key.
PasswordThe client_secret you received when you created the API key.
Content typeapplication/x-www-form-urlencoded
Type
  • Name: grant_type
  • Value: client_credentials

Sample response - Torq

{
  "api_object": {
    "access_token": "8266095f-****-****-****-203a47f40c06",
    "expires_in": 3600,
    "token_type": "Bearer"
  },
  "headers": {
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Allow-Origin": "https://app.torq.io",
    "Cache-Control": "no-store",
    "Content-Length": "96",
    "Content-Type": "application/json;charset=UTF-8",
    "Date": "Mon, 21 Mar 2022 15:00:02 GMT",
    "Pragma": "no-cache",
    "Strict-Transport-Security": "max-age=15724800; includeSubDomains"
  },
  "status_code": 200,
  "step_status": {
    "code": 1,
    "message": "",
    "verbose": ""
  }
}
Was this article helpful?
What's Next
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout