Authentication

The Aprovall API uses JWT tokens (JSON Web Tokens) to authenticate your requests via OAuth 2.0.

Get Your Credentials

To use the API, you need an Aprovall user account. Contact your account manager to obtain:

• Username — Your user identifier
• Password — Your password

Get a JWT Token

Before calling the API, you must obtain a JWT token via the authentication endpoint.

curl -X POST https://auth.e-attestations.com/auth/realms/eat_realm/protocol/openid-connect/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=password" \
  -d "client_id=ea-api-edge" \
  -d "username=YOUR_USERNAME" \
  -d "password=YOUR_PASSWORD"

Parameters

Response

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 300,
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_expires_in": 1800
}

The access_token is valid for the duration indicated by expires_in (in seconds). Use the refresh_token to obtain a new token without re-entering your credentials.

Using the Token

Include the token in the Authorization header of all your API requests:

curl -X GET https://edge.aprovall.com/api/v1/account/123/thirdparties \
  -H "Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."

Best Practices

• Store the token securely — Server-side environment variables
• Renew the token before expiration — Plan for a safety margin
• Handle 401 errors — Request a new token if necessary
• Use HTTPS only — Never transmit tokens in clear text

Next Steps

• Quick Start — Create your first third-party
• Concepts: Third party — Understand the API objects