Issue a token
POST /v1/auth/token is public; it does not require a bearer token or the
x-zeam-auth header.
Your application’s client ID.
Your application’s client secret.
cURL
Response
The bearer token. Send it as
Authorization: Bearer <accessToken>.Always
Bearer.Seconds until the token expires.
Use a token
Send the token with your application secret on every protected request:cURL
Refresh a token
Tokens are short-lived and there is no refresh token. To refresh, callPOST /v1/auth/token again with your client credentials and use the new token.
Errors
The token endpoint can return:400, the request body is malformed.401, the client credentials are invalid.429, too many requests; honor theRetry-Afterheader.