Getting authenticated

To gain access to the Salto KS Connect API endpoints, you first need to get authenticated. For this you will need your client ID and client secret, as well as creating a user on the Salto KS platform. The client ID and client secret will be securely shared with you by the Salto team. The first user must be created manually on the Salto KS web application. After you have completed this step, you are ready to get authenticated using the API.

There are several different flows you can follow for authentication. By default, your tenant will be activated for the authorization_code flow. The following steps describe how to get an access token following the password_grant flow. This flow should generally not be used in production, but it is a straightforward way to test API calls.

• Setting up your environment: Set up an acceptance environment and change the URLs of the servers to the environment you are using.

• Creating the request: Create a POST request to {{identityserverurl}}/connect/token. The value {{identityserverurl}} will automatically be replaced by the URL you have put in your environment variable. Add Basic Auth as the authorization type of your request. For the username, use your client ID and for the password, your client secret.

• Adding the body: Add the following body to the request: grant_type, scope, username, and password. In the username and password fields, use the same email and password you used to create your Salto KS user.

• Copying the token: Add the code to the Tests section of the request. This will automatically copy your access token and refresh token to the environment variables, so you don't have to manually copy and paste them every time.

• Getting the token: If all the steps have been followed correctly, as soon as you press send, you should receive a response with the status "200 OK", with the access token included in the response body.

You are now ready to make requests to the Salto KS Connect API.