Getting Started

Authentication

View as Markdown

All Rendr API requests must be authenticated using a Bearer token. Tokens are obtained via the Auth Token endpoint using OAuth2.

Obtain a Token

1POST {domain}/{tenant_id}/auth/token

tenant_id is your account identifier provided by Rendr. It scopes all API requests to your brand or store.

Tokens expire after 3600 seconds (1 hour). Your client_id and client_secret are provided by your Rendr implementation partner.

Client Credentials Grant

Use this grant type for server-to-server integrations.

1{
2    "grant_type": "client_credentials",
3    "client_id": "{{client_id}}",
4    "client_secret": "{{client_secret}}"
5}

Response

By default, the token response is wrapped in a data object:

1{
2    "data": {
3        "access_token": "eyJ...Rrlg",
4        "expires_at": "2020-12-21T03:19:07.000Z"
5    }
6}

Alternatively, Rendr supports a configuration where the token is returned at the root level of the response, without the data wrapper:

1{
2    "access_token": "eyJ...Rrlg",
3    "expires_at": "2020-12-21T03:19:07.000Z"
4}

The response format is determined by your account configuration. Contact your Rendr implementation partner to confirm which format applies to your integration.

Using the Token

Include the token in the Authorization header on every request:

Authorization: Bearer {{access_token}}

Tokens expire after 1 hour. Implement token refresh logic in your integration to avoid 401 Unauthorized errors.