Authentication is the very first step before using any endpoint of the Lengow API. It needs to be done at every connection.
Step 1: Client Credentials
Any partner willing to interact with the Lengow API will need a set of credentials (a Lengow account ID, an access token and a clientSecret), which can be found through the Lengow dashboard.
Where to find these API keys in Lengow:
- Log in to your Lengow Account
- Open the settings page from your profile > "General information"
- Find the section called "A.P.I". my.lengow.io/company/api
- You can copy the access token and the secret displayed in this section (see image below)
Need to renew your Lengow API keys?
To get a new access token and a new secret, simply click on the "Renew" button present on this page (see screenshot).
If you were using these API keys on your end, remember to replace the outdated ones.
Step 2: Acquiring an access token
Next up is acquiring an access token from our authentication service and setting this as an Authorization header when doing calls to the Lengow API.
1.Set up your identification environment in Postman
In order to request a token, start by creating the Authorization header.
- To do so, complete your client credentials using Postman and create your environment.
2.Requesting the access token
After setting the Authorization header, request a token by doing a POST:
The server returns a response like this:
3. Complete the identification environment with the access token
Open your environment again in Postman and add a new variable '"LENGOW_AUTH" with the generated token (see image - source: Postman)
Note: If the credentials have not been correctly provided, you will receive a 401 Unauthorized response from the server.
Once you have your token, all your API request will need an active Authorization header (Use the environment you created in Postman for example).