By Jim Anderson
This tutorial will show you how to use your API. We recommend that you log in to follow this quickstart with examples configured for your account.Calling the API From Your Application
You can call the API from your application by passing an Access Token in theAuthorization header of your HTTP request as a Bearer token.
Obtaining an Access Token
If you are calling the API from a Single-Page Application or a Mobile/Native application, after the authorization flow is completed, you will get an Access Token. How you get the token and how you make the call to the API will be dependent on the type of application you are developing and the framework you are using. For more information refer to the relevant application Quickstarts which contain detailed instructions: If you are calling the API from a command-line tool or another service, where there isn’t a user entering their credentials, you need to use the OAuth Client Credentials flow. To do that, register a Machine to Machine Application, and then subsequently use the Client ID and Client Secret of this application when making the request below and pass those along in theclient_id and client_secret parameters respectively. Also include the Audience for the API you want to call.
Read Application Settings for more information on getting the Client ID and Client Secret for your machine-to-machine app.
Auth0 customers are billed based on the number of Machine to Machine Access Tokens issued by Auth0. Once your application gets an Access Token it should keep using it until it expires, to minimize the number of tokens requested.
For testing purposes, you can also get an Access Token from the Test tab in your API settings.
Test Your API
1. Calling the secure endpoint You can make a request to the/api/private endpoint without passing any Access Token:
The API will return a 401 HTTP (Unauthorized) status code:
What can you do next?
* Part 3: Troubleshooting Your APIEdit on GitHub