HomeGuidesRecipesAPI ExplorerForumSandboxSupport

Get your credentials

Learn the steps to set up your Partner account and authenticate API calls.

Overview

After you have learned about different levels of the Monite account structure, you can create your partner account with Monite and get your API credentials.

The API credentials allow you to generate the access tokens required to make API calls to the Monite platform. Follow these steps to generate your partner access token:

  1. Register a partner account.
  2. Create a project.
  3. Get API credentials.
  4. Generate a partner access token.

1. Register a partner account

The first thing you need to do is to register your partner account on the Monite Partner Portal.

After signing up, you must confirm your email address by clicking the link in the registration email.

2. Create a project

A project represents the product that a Monite API Partner is developing for their clients.

To create a project:

  1. From the Partner Portal's sidebar, select Projects.
  2. Click New Project.
  3. Specify the project name and click Create project.

The created project appears in the project list.

3. Get API credentials

After creating a project, you can generate the API credentials required to access the Monite API:

  1. In the Partner Portal, click API Credentials next to your project.
  1. On the page that opens, click Add credential.

  2. Copy the generated ID and Secret as you won't be able to see them again.

❗

Keep your ID and secret secure, because they provide access to all your data and your customers' data stored in Monite.

:information-source: Tip

You can create multiple sets of API credentials for use in different contexts. For example, one set for a client app and another one for a CI/CD environment.

4. Generate a partner access token

The client ID and secret need to be exchanged for an access token, which is then used to authenticate your API calls. To do this, call POST /auth/token with the following request body:

{
  "grant_type": "client_credentials",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}

For example:

curl -X POST 'https://api.sandbox.monite.com/v1/auth/token' \
     -H 'X-Monite-Version: 2023-06-04' \
     -H 'Content-Type: application/json' \
     -d '{
        "grant_type": "client_credentials",
        "client_id": "28c10852-7e78-43cf-abfb-efeed7734963",
        "client_secret": "615b3cfa-646b-41d9-b768-521f79315ac5"
     }'

The successful response contains the token and its validity time (in seconds):

{
  "access_token": "eyJ0eXAiOiJKV1QiLCJhb...",
  "token_type": "Bearer",
  "expires_in": 1800
}

Now you can send this token in the Authorization header in subsequent API calls to the Monite platform:

Authorization: Bearer YOUR_TOKEN

🚧

Besides generating a partner-level access token with highest privileges for all operations, you might also consider using entity-user tokens with more granular roles and permissions. To learn more about the Role-Based Access Control system and other main security considerations, refer to Authentication.

Next steps

Congrats! Now you are all set to continue integrating with the Monite platform. Please proceed with the following step to set up your backend: