
Authentication

Created by Richard Saunders, last modified by Simon Horan on 22 Jan 2020

Overview

To access any resource from the Delivery API, a client needs to be authenticated with the Zengenti OAuth2 identity provider, which is hosted alongside the Contensis web application. Websites are authenticated using the Client Credential flow, which grants access to resources in a project.

The client provides both a clientId and a shared secret (which can be created and obtained from API key management) as part of the API instantiation. These are used to request an access token from the authentication provider. The token is then cached locally and passed along with each request as an HTTP header to the Delivery API services. If the authentication request fails, a 401 HTTP status code is returned and an exception is thrown.

The access token expires periodically, so that if it is compromised any grants are short-lived. On expiry, a new access token is requested using the same mechanism as the initial token request. All of this functionality is wrapped up in the C# Delivery API.

If you want to implement your own Delivery API wrapper in a different language, the implementation must implement the OAuth2 Client Credential flow as specified in RFC 6749, using the discovery document located at https://*YOUR_CMS_URL*/authenticate.
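The token request, local cache and renewal on expiry described above, sketched in Python as an added example (this is not Contensis or Zengenti code). Assumptions: the discovery document carries a `token_endpoint` field, the client authenticates with HTTP Basic (RFC 6749 section 2.3.1), and the token is sent as an `Authorization: Bearer` header; `post` is a hypothetical transport callable and `fake_idp` is a constructed in-memory stand-in so the block runs offline.

```python
import base64
import time
import urllib.parse


class AuthError(Exception):
    """The identity provider refused to issue a token."""


class TokenCache:
    """Client Credentials grant (RFC 6749 s4.4) with a local token cache."""

    def __init__(self, discovery, client_id, secret, post, clock=time.monotonic, skew=30):
        # Assumption: the discovery document exposes a "token_endpoint" field.
        self.token_url = discovery["token_endpoint"]
        self.client_id, self.secret = client_id, secret
        self.post, self.clock, self.skew = post, clock, skew
        self._token, self._expires_at = None, 0.0

    def _request_token(self):
        # s2.3.1: HTTP Basic client authentication; both parts are form-encoded first.
        pair = ":".join(urllib.parse.quote_plus(v) for v in (self.client_id, self.secret))
        headers = {"Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
                   "Content-Type": "application/x-www-form-urlencoded"}
        status, body = self.post(self.token_url, headers, "grant_type=client_credentials")
        if status == 401:
            raise AuthError("client credentials rejected (HTTP 401)")
        if status != 200 or "access_token" not in body:
            raise AuthError(f"unexpected token response (HTTP {status})")
        self._token = body["access_token"]
        # Renew `skew` seconds early so a token never expires while a request is in flight.
        self._expires_at = self.clock() + float(body.get("expires_in", 0)) - self.skew

    def auth_header(self):
        """Header for a Delivery API call; requests a new token only when needed."""
        if self._token is None or self.clock() >= self._expires_at:
            self._request_token()
        return {"Authorization": "Bearer " + self._token}


def fake_idp(valid_id, valid_secret):
    """Constructed in-memory stand-in for the identity provider (no network)."""
    issued = []
    def post(url, headers, form):
        sent = base64.b64decode(headers["Authorization"].split()[1]).decode()
        if sent != f"{valid_id}:{valid_secret}" or form != "grant_type=client_credentials":
            return 401, {}
        issued.append(f"tok-{len(issued) + 1}")
        return 200, {"access_token": issued[-1], "token_type": "Bearer", "expires_in": 3600}
    return post, issued
```

In a real wrapper, `post` would perform an HTTPS request with certificate validation enabled, and the shared secret would be loaded from a secret store rather than from source code.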