Server Authentication

Server Authentication

Much of the Fractal API is only available to server-side requests. You don't want users reporting scores to our API for a leaderboard, right?

Any of the server API calls will use the client id and secret issued in the Developer Portal (opens in a new tab). You can find a guide on how to get started with the Developer Portal here.

Here is how you get a project API token to make requests to things like our tournament service:

You first need to make a request to our authentication API using your client_id and client_secret to retrieve a valid bearer token which expires after 20 hours.

curl --request POST \
     --url 'https://auth-api.fractal.is/auth/oauth/token' \
     --header 'content-type: application/json' \
     --data '{
        "client_id":"<PROJECT_CLIENT_ID>",
        "client_secret":"<PROJECT_SECRET>"
        }
      '

Sample response:

{
    "access_token":"eyJhbGciO…L7WmYABQ",
    "token_type":"Bearer"
}

Once you have received a valid bearer token, you can use it to make authenticated requests to our API.

Validate User Auth TokenBuying Item