API Authentication
The Real-time CDP APIs employ OAuth 2.0, a widely adopted open-standard protocol, to authenticate and authorize access to resources securely. OAuth ensures that third-party applications can interact with Real-time CDP APIs without exposing sensitive credentials, thus enhancing data security and access control.
Key Benefits of OAuth 2.0 Authentication
- Secure Access: OAuth tokens provide temporary and scoped access to resources, ensuring that each request is authenticated and controlled.
- Granular Permissions: Access tokens can be generated with specific permissions to ensure that only the necessary resources are accessible.
- Ease of Use: OAuth allows third-party services to interact with the Real-time CDP without the need to handle sensitive credentials directly.
Creating Access Token API
To interact with the Real-time CDP APIs, an access token is required. The access token is generated using the Creating Access Token API, which provides temporary credentials for a predefined scope and duration. The token is then included in the request headers of API calls that require authentication.
API Endpoints and Method
The endpoint for creating an access token will be provided by your Customer Success Manager (CSM) or Algonomy support team.
For example,
URL for Customer Profile B2B API
https://{B2B_API_URL}/secureApi/token/profile/create
URL for GDPR API
https://{GDPR_API_URL}/secureApi/token/gdpr/create
HTTP Method
POST
Note: Contact your CSM or Algonomy support team for actual URLs for the required API endpoints.
Request Header
Parameter | Type | Required? | Description |
---|---|---|---|
oauth_key_secret | String | Conditional | Required if your tenant is enabled with B2B API OAuth authentication. Example: 4faeaf752ee40a0f |
tenant_hash | String | Required | Specifies the tenant hash provided by Algonomy. Example: abcd1234efgh5678ijkl9012mnop3456 |
Request Body Parameters
Parameter | Type | Required? | Description |
---|---|---|---|
resource | String array | Required | Specifies the resources you want to access with the created token. Example: ["basic", "segments", "userActivity"]. |
validity | number | Optional | Specifies the duration (in minutes) for which the token will be active. Default is 15 minutes. Example: 300 |
Example Request
{
"resource":["basic"],
"validity":300
}
Example Response
{
"token":"CkFV8QOtY37jal2JccgNN1V5x3FvY2jamq6Dk5w19x3SkHEU9Lz2ociq4GBR3"
}
Updating Access Token API
The Updating Access Token API updates or extends the scope of an existing, valid access token. It is particularly useful when new resources need to be added to the access token without generating a new one.
API Endpoints and Method
The specific URL for updating an access token is provided by your CSM or the Algonomy support team.
For example:
URL for Customer Profile B2B API
https://{B2B_API_URL}/secureApi/token/profile/update
URL for GDPR API
https://{GDPR_API_URL}/secureApi/token/gdpr/update
Request Header
The same request headers as described in the Creating Access Token API section are used.
Request Body Parameters
Parameter | Type | Required? | Description |
---|---|---|---|
resource | String array | Required | Specifies the resources to be updated or added for the token. Example: ["basic", "segments", "userActivity"] |
token | String | Required | The current access token that needs to be updated. |
Example Request
{
"resource": ["basic", "segments"],
"token": "CkFV8QOtY37jal2JccgNN1V5x3FvY2jamq6Dk5w19x3SkHEU9Lz2ociq4GBR3"
}
Note that the structure of the request payload and the other details remain the same as for creating a token. In addition, include token as a request body parameter, with the previously generated token as its value, and specify the desired set of resources in the payload.
In this example, the resources have been updated, including the addition of another resource called "segments".
Example Response
{
"message": "Token updated successfully",
"token": "CkFV8QOtY37jal2JccgNN1V5x3FvY2jamq6Dk5w19x3SkHEU9Lz2ociq4GBR3"
}
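A client-side sketch of the create and update calls described above, added here as an example and not Algonomy's own code. The function names, the Content-Type header and the use of POST for the update call are assumptions; the header and body field names are the ones documented on this page.

```python
import json
import urllib.request
from urllib.parse import urlsplit


def _resources(resources):
    if isinstance(resources, str) or not resources:
        raise ValueError("resource must be a non-empty list of names")
    return list(dict.fromkeys(resources))  # de-duplicate, keep order


def _request(url, body, tenant_hash, oauth_key_secret=None):
    """Build (not send) a token request; refuses non-HTTPS endpoints."""
    if urlsplit(url).scheme != "https":
        raise ValueError("token endpoints carry secrets; https only")
    headers = {
        "Content-Type": "application/json",  # assumption: not stated on the page
        "tenant_hash": tenant_hash,
    }
    if oauth_key_secret:  # only when the tenant has B2B API OAuth enabled
        headers["oauth_key_secret"] = oauth_key_secret
    # POST is documented for create; assumed here for update as well.
    return urllib.request.Request(
        url, json.dumps(body).encode(), headers, method="POST")


def build_create(url, tenant_hash, resources, validity=None, oauth_key_secret=None):
    """Ask only for the resources needed; omit validity for the 15-minute default."""
    body = {"resource": _resources(resources)}
    if validity is not None:
        if not isinstance(validity, int) or validity <= 0:
            raise ValueError("validity is a positive number of minutes")
        body["validity"] = validity
    return _request(url, body, tenant_hash, oauth_key_secret)


def build_update(url, tenant_hash, token, resources, oauth_key_secret=None):
    """Send the full desired resource set together with the existing token."""
    body = {"resource": _resources(resources), "token": token}
    return _request(url, body, tenant_hash, oauth_key_secret)


def redact(token, keep=4):
    """Form of a token that is safe to write to logs."""
    return f"{token[:keep]}...({len(token)} chars)"


def send(req, timeout=10):
    """Perform the call and return the parsed JSON response."""
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)
```

Read tenant_hash and oauth_key_secret from the environment or a secrets store rather than source code, and pass tokens through redact() before they reach any log line.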