Guides
Start typing to search…

/oauth2/token

Authentication with FlexFactor is mandatory for every request.

Request

curl --location -g --request POST '{{URL}}/oauth2/token' \
--header 'Content-Type: application/json' \
--data-raw '{
  "AppKey": "{Replace with your AppKey found on the portal}",
  "AppSecret": "{Replace with your AppSecret found on the portal}"
}'
var axios = require('axios');
var data = JSON.stringify({
  "client_id": "d572283e-1cd2-4c8b-9944-6d994ffc120e",
  "client_secret": "LLw_oYT_zDsV46Cq_wuOGw"
});

var config = {
  method: 'post',
  url: '{{URL}}/oauth2/token',
  headers: { 
    'Content-Type': 'application/json'
  },
  data : data
};

axios(config)
.then(function (response) {
  console.log(JSON.stringify(response.data));
})
.catch(function (error) {
  console.log(error);
});

Required keys

These keys will be used for retrieving a bearer token.

AppKey

The public Client ID used to identify your App.

Get this key.

AppSecret

The Client Secret used to authenticate.

Get this key.

Log into into your Sandbox. Go to section Developers > Api Keys get both your AppKey and AppSecret.

Response

accessToken

JSON Web Token (JWT) that contains information your mid. It's a short-lived token that provides access to protected resources for 10 minutes.

refreshToken

A longer-lived token that's used to obtain a new access token without needing to re-enter credentials.
You can use this token to request a new access token once the current access token expires.

expires

Timestamp indicating when the accessToken will expire.
In milliseconds since the Unix epoch (January 1, 1970).

Response example 
{
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJmZjVlOGNhYS04MTIyLTQyOTUtODVkZi1kOWRkYmNhMmU1NTMiLCJ1bmlxdWVfbmFtZSI6ImZmNWU4Y2FhLTgxMjItNDI5NSasdadsGRiY2EyZTU1MyIsImp0aSI6ImQwYzQzYjlkLWVhZDktNDFjNS1hMmFiLTBlZWVjNDQwNGUwMiIsImlhdCI6IjE2NjExNTcwNjg3OTIiLCJhdWQiOiJlbGlnaWJpbGl0eS1zZXJ2aWNlIiwiY3VzdG9tOm1pZCI6IjY1Zjg2YmY1LTk1NDYtNGRjMS1hNGIyLWE5MWIzOWMxODNkNCIsIm5iZiI6MTY2MTE1NzA2OCwiZXhwIjoxNjYxMTU3NjY4LCJpc3MiOiJBcGktQ2xpZW50LVNlcnZpY2UifQ.sFuj_ia3u0kM15oVmvXMLJSL60-raqk1IMKtlGqciE4",
    "refreshToken": "AQAAsadEAACcQAdsadUSgIrIRsFwgasdaspG2lVCBCO59WMUmYTG4qt3iFRBhNh4AHksd6Mw",
    "expires": 1620157668792,
    "id": "ff5e8caa-8122-4222-851f-d9dasca2e553",
    "success": true,
    "result": null,
    "status": null,
    "statusCode": null,
    "errors": [],
    "customProperties": {}
}

Token expires after 10 minutes from generation time.

Do not request a new token for each API request. Please use the current token until you receive a 401 unauthorized error, at which point you can request a new token.

All API requests are made over HTTPS.

All requests without authentication will fail.

Endpoints

Sandbox testing

https://api-sandbox.flex-charge.com/v1/

Production environment

https://api.flex-charge.com/v1/

The sandbox is a completely isolated environment, so feel free to experiment. When you're ready to move to production, we will provide you production credentials and give you access to the live environment.

Updated about 2 months ago

What’s Next

Use the bearer token for your next API calls