GIGALOGISTICS

API Authorization

Introduction

The GIGA CLOUD LOGISTICS APIs support the OAuth 2.0 (bearer token) authentication method to authorize your application API requests with logistics resources. This OAuth access token needs to be provided with each API transaction to authenticate and authorize your access to the logistics resources.

Authorization API Details

This API allow you to authorize the API requests and it is required to authenticate the logistics resources. The following section describes the prerequisites for the API:

While registering to GigaCloud Developer portal, GigaCloud provides a combination of Client ID (API Key) and Client Secret (Secret Key) to authenticate API requests for your project. Each project under your organization is associated with a combination of Client ID and Client Secret, called as API credentials.

Note: Internal or Compatible customers can contact GigaCloud representative to obtain API and Secret Keys.

You can recreate the forgotten Secret Key from the Projects page on the GigaCloud Developer Portal.

Note: Creation of new keys will result into code change in your application.

Important: Throughout this page do read:

  • Client Key as API Key
  • Client Secret as Secret Key

How to get API Credentials

API credentials serve the following purposes:

  • It identifies the project making a call to the APIs.
  • Authorizes access to the API that are enabled under your project.

Follow these steps to get the credentials:

  • Client ID – API Key gets created once a project is created on GigaCloud Developer portal. You can also view the API Key associated with the project on the Project Overview page.
  • Client Secret – You will see the Secret Key on the confirmation page once a project is created on the GigaCloud Developer portal. If needed, the Secret Key can also be regenerated, on the Project Overview page.

How Authorization API Works

API Authorization

Once you have secured the API credentials on GigaCloud Developer portal, use this endpoint to get an access token to use as credentials with each API transaction.

Following are the required input information associated with this request:

  • grant_type – Type of customer. (Valid values: client_credentials)
  • client_id – Refers to the Project API Key.
  • client_secret – Refers to the Project API Secret Key.

The result of this request should return below:

  • access_token – The encrypted OAuth token that needs to be used in the API transaction.
  • token_type – Type of token. In this case, it is bearer authentication.
  • expires_in – Token expiration time in milliseconds. One hour is the standard Token expiration time.
  • Scope – Scope of authorization provided to the consumer.

Note: The access token expires after a period of time, it can be regenerated by using a POST request to the /oauth/token endpoint.

Example

Paste the following curl example into your Terminal:

curl --location --request POST 'https://apis.gigacloudlogistics.com/oauth/token' \
--data-urlencode 'client_id=_YOUR_CLIENT_ID_' \
--data-urlencode 'client_secret=_YOUR_CLIENT_SECRET_' \
--data-urlencode 'grant_type=client_credentials'
1
2
3
4

If your request was successful,you'll receive an HTTP 200 response that looks similar to this:

{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpX……..",
    "expires_in": 3600,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "scope": "xxx"
}
1
2
3
4
5
6
7

Note: The access token expires after a period of time, it can be regenerated by using a POST request to the /oauth/token endpoint.

Usage Limits