Authentication
How to authenticate with the Checkio API using client credentials.
Overview
The Checkio API uses Bearer tokens (JWT) for authentication. For server-to-server integrations, obtain a token using the OAuth 2.0 client credentials grant.
- Create API credentials in the Checkio dashboard under Credentials.
- Exchange your
client_idandclient_secretfor an access token via the Identity API. - Include the token in the
Authorizationheader of every API request.
Token Endpoint
POST https://identity-next.checkio.co.uk/v1/oauth/tokenSend an application/x-www-form-urlencoded request with the following parameters:
| Parameter | Required | Description |
|---|---|---|
grant_type | Yes | Must be client_credentials |
client_id | Yes | Your credential's client ID (UUID) |
client_secret | Yes | Your credential's client secret |
scope | No | Space-separated list of scopes |
Example Request
curl -X POST https://identity-next.checkio.co.uk/v1/oauth/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"Response
{
"access_token": "eyJhbGciOiJFZERTQSIs...",
"token_type": "bearer",
"expires_in": 900
}Tokens expire after 15 minutes (900 seconds). Request a new token when the current one expires. There is no refresh token for client credentials - simply request a new access token.
Using the Token
Include the access token in the Authorization header:
GET https://api-next.checkio.co.uk/{tenantId}/v1/credit-reports
Authorization: Bearer eyJhbGciOiJFZERTQSIs...Try It
Enter your credentials below to request a token from the Identity API.