Skip to content

Authentication

The Worklayer API uses an OAuth client credentials flow to authenticate requests. API client keys are currently provisioned on demand for your workspace. You can request API keys for your workspace by contacting our customer success team.

Your API client is associated with a machine-type member in your workspace, and permissions can be granted to that member to allow or restrict specific flows.

Be sure to keep your API keys secure and not share them in publicly accessible areas such as GitHub, client-side code, and so forth.

Authentication with the API is performed via requesting a token with your client and passing that token via an Authorization header as a Bearer token in the request.

All API requests must be made over HTTPS. Calls made over plain HTTP might fail. Likewise, API requests without authentication will also fail.

Retrieving a token

Request Parameters

client_id
string
required

Your client id.

client_secret
string
required

Your client secret.

audience
string
required

The audience of the token. Only https://api.worklayer.com/public/ is supported.

grant_type
string
required

Only client_credentials is supported.

Sample Request

Copied
1curl -X POST "https://taxfyle.auth0.com/oauth/token" \
2 -H 'content-type: application/json' \
3 -d '{"client_id":"{your_client_id}","client_secret":"{your_client_secret}","audience":"https://api.worklayer.com/public/","grant_type":"client_credentials"}'

Response

access_token
string

The access token.

scope
string

The scope of the token. Usually, api:access.

expires_in
number

The number of seconds until the token expires.

token_type
string

The type of token. Always Bearer.

Copied
1{
2 "access_token": "eyJhbGciOiJSUzI1NiIsIn...",
3 "scope": "api:access",
4 "expires_in": 3600,
5 "token_type": "Bearer"
6}

Authenticating a request

Here we show calling the member list endpoint with a token.

Copied
1curl -X GET 'https://api.worklayer.com/v1.0/members' \
2-H 'Authorization: Bearer {access_token}'

Last updated on May 19, 2022