API -  Client ID connection guide

Overview of Changes

The inbound policy for DayStat, WeekStat, and MonthStat APIs (both production and development environments) has been updated. Subscription key and ClientApp authentication are now both possible.

Authentication Details

Access to the APIs is granted via OAuth 2.0 using client credentials. Each company receives a client ID and secret. JWT Tokens must be obtained from the authorization server and included in API requests.

Prerequisites

·         Client ID and secret provided by NSC IT.

·         Access to the token endpoint URL.

·         Tool for making HTTP requests (e.g., curl, Postman) or application code.

Step-by-Step Connection Instructions

1.      Obtain your client ID, Secret and Scope from NSC IT. raa@seafood.no

2.      Request an access token from URL: https://login.microsoftonline.com/c1a47aaf-15d2-4dda-b95c-e00ab791baba/oauth2/v2.0/token

a.       Using secret, client id and scope. -> Send as Basic header

2.      Store the received access token securely, it will be valid for 1 year.

3.      Include the access token in the API calls.

4.      Verify the response and handle errors appropriately.