Authentication
Token based Authentication- It does not require client IPs to be whitelisted at the time of onboarding. Enterprise must use a bearer token which can be generated using following Username and Password.
API end point: https://auth.aclwhatsapp.com/realms/ipmessaging/protocol/openid-connect/token
Method – Post
Header Values
Header Values
| Name | Description | Value |
|---|---|---|
| cache-control | Fixed value | no-cache |
| content-type | Fixed value | application/x-www-form urlencoded |
Data Object Values
| Name | Description | Value |
|---|---|---|
| grant_type | Used to identify the authentication method Value- | password |
| username | Username value provide by Sinch at the time of onboarding | |
| password | Password value provide by Sinch at the time of onboarding |
Curl Request
‘https://auth.aclwhatsapp.com/auth/realms/ipmessaging/protocol/openid-connect/token' \
--header 'cache-control: no-cache' \
--header 'content-type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=ipmessaging-client' \
--data-urlencode 'username=<>' \
--data-urlencode 'password=<>'
The response of the above request is as follows.
| Name | Description |
|---|---|
| access_token | Access token value to be used for sending messages. |
| expires_in | Time span for which Access token is valid in Seconds |
| refresh_token | Refresh token - to be used to regenerate the access token |
| refresh_expires_in | Time span for which Refresh token is valid in Seconds |
| token_type | Fixed value- Bearer |
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAi",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6",
"token_type": "Bearer",
"not-before-policy": 0,
"session_state": "f2cd48bf-d162-4754-b2c7-bdc9c97064b3",
"scope": "email profile"
}