Grant-Type Password

Grant Type Password will return two important items.

access_token - Store the returned access token in your application to authenticate the other endpoint requests. The access token expires after 3600 seconds.
refresh_token - Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit. The refresh token does not expire until a new token is requested via any of the Grant Type calls.

ParameterParameter TypeData TypeDescription
grant_typex-www-form-urlencodedstringMust be set to 'password'
client_idx-www-form-urlencodedstringThe Client ID found in your Act-On account.
client_secretx-www-form-urlencodedstringThe Client Secret found in your Act-On account.
usernamex-www-form-urlencodedstringThe username for the Act-On account you wish to authenticate to
passwordx-www-form-urlencodedstringThe password that pairs with that username

Example

curl --request POST \
     --url https://api.actonsoftware.com/token \
     --header 'accept: application/json' \
     --header 'content-type: application/x-www-form-urlencoded' \
     --data '
{
  "grant_type": "password",
  "username": "[email protected]",
  "password": "example",
  "client_id": "jdaf823jsjsfd731jn",
  "client_secret": "lsdfljsf873r92nlwhfy7eihwifhji74"
}
'

Response

{ 
   "access_token":"12345678-9abc-defg-hijk-lmnopqrs",
   "refresh_token":"12345678-9abc-defg-hijk-lmnopqrs",
   "scope":"offline-access",
   "token_type":"Bearer",
   "expires_in": 3600
}