The Send Side API uses OAuth 2.0 via the Bold Penguin authentication service for access control. OAuth 2.0 allows client to server authentication for HTTP services using ephemeral credentials.
You submit your unique client_id and client_secret and receive an access_token
that will be used as a bearer token for subsequent requests. Tokens are valid
for 12 hours. You can re-use The
access_token for authenticating future
requests. This token must be present as an authorization header when you
send your application form to the Exchange:
Authorization: Bearer <access_token>
Your Account Manager will provide you with a unique client_id and client_secret for each environment.
The following is an example client credentials grant the service would receive.
POST /token HTTP/1.1 Host: authorization-server.com grant_type=client_credentials &client_id=xxxxxxxxxx &client_secret=xxxxxxxxxx