Authentication

The authentication mechanism for Core API is based on the bearer authentication specification (also called token authentication) within the OAuth 2.0 Authorization Framework. Bearer authentication is an HTTP authentication scheme that uses security tokens (or bearer tokens) as part of submitted API calls over HTTP. See RFC 6750 for details.

A bearer token is usually a cryptic piece of text and can be generated upon request.

You will need a public token to make API calls. You can retrieve this token in one of two ways: through an API key or through the OAuth 2.0 method.

Important Note: Always store and use your token in a secure manner to protect it against unlawful access and exposure.

API Key Authentication

How to obtain API keys

  1. Open your Tulip Admin Console and sign in if required.

  2. Click on the Integrations option on the left-side menu panel.

  3. Click on API Keys.

  4. Click on the Create button to create an API key for your Tulip instance.

  5. A pop-up window will appear allowing you to write a comment associated with the API key you are creating. Write a comment and click Save.

  6. Once completed, an API key will appear. Use this key for making any API calls in Tulip.

Note: You can also manage (delete key or edit comment) the API keys using the buttons in the Actions column on the right.

OAuth 2.0 Client Credentials Authentication

  1. Open your Tulip Admin Console.

  2. Click on the Tulip Admin option on the left-side menu panel.

  3. Click on Auth Clients.

  4. Click on Create on the top right to create a client.

    • Set Client Name
    • Generate Client Secret (Confidential)
    • Leave Redirect URL empty
    • Set Type to API Client
  5. Once completed, you will be provided with a Client ID and Client Secret. Please store your client secret in a safe spot.

  6. Copy the Client ID and Client Secret for your reference.

  7. You can use any OAuth 2.0 Client Credentials library to retrieve the token.

How to get OAuth 2.0 Token

Things you need:

  • Client ID
  • Client Secret
  • Token/Auth URL: <your_tulip_tenant_url>/auth/oauth2/token

Example Request:

curl --location --request POST 'https://<your_tulip_tenant_url>/auth/oauth2/token' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --basic --user '{{clientId}}:{{clientSecret}}' \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode 'scope=api'

Note: scope and grant_type need to be passed in the request body.

In the response, you will be provided with an Access Token which you can use to authenticate and make API calls.

Hint: Postman has a built-in integration under the Authorization tab where you can select OAuth 2.0 as the Authorization Type and fill in all the values mentioned above to obtain your token. Follow this guide.
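
The client credentials request above, rebuilt in Python with the token kept in memory and refreshed before it expires. This is an added example, not Tulip's own code. It assumes the token response carries the RFC 6749 fields access_token, token_type and expires_in, that tenant_url includes the https:// scheme, and the TULIP_* environment variable names are hypothetical.

```python
import base64, json, os, time
import urllib.parse, urllib.request

TOKEN_PATH = "/auth/oauth2/token"  # token endpoint path given on this page

def build_token_request(tenant_url, client_id, client_secret):
    """Build the same POST as the curl example, without sending it."""
    if not tenant_url.lower().startswith("https://"):
        # Basic credentials and the returned token must never travel in cleartext.
        raise ValueError("token endpoint must use https")
    body = urllib.parse.urlencode(
        {"grant_type": "client_credentials", "scope": "api"}).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return urllib.request.Request(
        tenant_url.rstrip("/") + TOKEN_PATH, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded",
                 "Authorization": "Basic " + basic})

def fetch_from_env():
    """Send the request; the env var names are hypothetical, not Tulip's."""
    req = build_token_request(os.environ["TULIP_TENANT_URL"],
                              os.environ["TULIP_CLIENT_ID"],
                              os.environ["TULIP_CLIENT_SECRET"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenCache:
    """Keep the token in memory only and refresh it shortly before expiry."""
    def __init__(self, fetch=fetch_from_env, clock=time.monotonic, skew=30):
        self._fetch, self._clock, self._skew = fetch, clock, skew
        self._token, self._expires_at = None, 0.0

    def bearer_header(self):
        if self._token is None or self._clock() >= self._expires_at:
            reply = self._fetch()
            # Assumed RFC 6749 section 5.1 fields: access_token, token_type, expires_in.
            if str(reply.get("token_type", "")).lower() != "bearer" \
                    or not reply.get("access_token"):
                # The reply is deliberately left out of the error message.
                raise ValueError("token endpoint did not return a bearer token")
            self._token = reply["access_token"]
            lifetime = int(reply.get("expires_in", 0))
            self._expires_at = self._clock() + max(0, lifetime - self._skew)
        return {"Authorization": "Bearer " + self._token}

    def __repr__(self):  # keep the token out of logs and tracebacks
        return "<TokenCache token=***>"
```

Pass the dictionary returned by TokenCache().bearer_header() as the headers of each API call.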