OAuth
With service accounts, you are enabled to use the OAuth2 Client Credentials Flow for accessing Talend Cloud APIs.
This service account specific token is more secure than the personal access tokens typically used by a user.
It is recommended to use service accounts along with their access tokens to issue API calls, when a specific user does not need to be involved in these calls.
It is recommended to use service accounts along with their access tokens to issue API calls, when a specific user does not need to be involved in these calls.
Media type
application/json
Endpoints
-
https://api.eu.cloud.talend.com
URL for the AWS Europe region
-
https://api.ap.cloud.talend.com
URL for the AWS Asia Pacific region
-
https://api.us.cloud.talend.com
URL for the AWS United States East region
-
https://api.au.cloud.talend.com
URL for the AWS Australia region
-
https://api.us-west.cloud.talend.com
URL for the Azure United States West region
Security scheme
This scheme can be referenced across the API
Public
Name | Description |
---|
Name | Description | Type | Attributes and examples |
---|---|---|---|
Authorization | Base64 encoding of a client_id:client_secret pair. For example, if the service account uses “Aladdin” as the client id and “open_sesame” as the secret, then the header’s value is the Base64 encoding of “Aladdin:open_sesame”, or “QWxhZGRpbjpvcGVuIHNlc2FtZQ==”. | string Required |
Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
Get JWT token
POST /security/oauth/tokenUse the service account credentials to get an OAuth2 JWT access token through the Client Credentials Grant flow.
Required permission to use this endpoint: Service Account - Manage. The ID of this permission is
Required permission to use this endpoint: Service Account - Manage. The ID of this permission is
TMC_SERVICE_ACCOUNT_MANAGEMENT
.Request
Name | Description | Type | Attributes and examples |
---|---|---|---|
talendVersion | API version | string Optional |
Name | Description | Type | Attributes and examples |
---|---|---|---|
talend-version | API version | string Optional |
Body
application/json
Response
401Status 401
The ClientId or Secret is missing or invalid
403Status 403
The account provided does not have the required permissions
500Status 500
500 - Internal Server Error
TokenRequest
A token request is an object used to obtain an access token through the OAuth 2 Client Credentials Grant flow.
Object
Name | Description | Type | Attributes and examples |
---|---|---|---|
grant_type | The OAuth 2 flow that must be used to obtain an access token. The value must be set to “client_credentials”. | string Required |
client_credentials |
audience | The unique identifier of the target API to access | string Required |
https://api.eu.cloud.talend.com/ |
TokenResponse
Access token is returned in this response.
Object
Name | Description | Type | Attributes and examples |
---|---|---|---|
access_token | The access token obtained in JWT format. | string Required |
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c |
token_type | The type of the token issued as described in the OAuth 2 specification. The value is usually “Bearer”. | string Required |
Bearer |
expires_in | The lifetime in seconds of the access token. For example, the value 3600 denotes that the access token expires at the end of one hour from the time the response is generated. | string Optional |
3600 |