OAuth 2.0 protocol is implemented to generate access token of JWT token (applicable for 30 mins only) with client credential grant type.  You can request up to 5 CLIENT IDs + CLIENT Secret per company account.

How to get access to this API?

If you are a Colt customer then please contact your Account Executive.

How to use this API

Click below to download the API user guide.

Download User Guide
 

Not a customer yet?

Contact our Sales Team  

API overview

Status                                               LIVE

Version                                             v1

Maturity status                                PRODUCTION

Endpoint (Production)                   https://apis.colt.net/authentication

Endpoint (Sandbox)                       https://sandbox.apis.colt.net/authentication

 

Errors returned by Auth API

Http response

code

reason

message

details

400

Bad request

Colt will return a HTTP-400 error when the request is malformed or invalid. See the message of the error for tips before trying again.

001

Validation not met

The request is missing authorization parameter.

The request is missing authorization parameter

002

Validation not met

The request is missing grant_type.

The request is missing grant_type

003

Validation not met

The request is missing content_type header

The request is missing content_type header

004

Validation not met

The request is missing APIGWTrackingId.

The request is missing APIGWTrackingId

005

Validation not met

Invalid input parameter

The request contains

  1. unsupported parameters
  2. Multiple credentials
  3. More than one mechanism for authenticating

006

Validation not met

The authorization grant type is not supported by authorization server

The authorization grant type is not supported by authorization server

401

Unauthorized

Colt returns a HTTP-401 error when the specified user’s authorization parameter is either invalid or missing or expired. Ensure the provided credentials are valid.

001

Authentication error

The authorization parameter is missing.

Client authentication failed due to no client authentication included in the request.

002

Authentication error

The authorization parameter is not valid.

Client authentication failed due to unsupported authentication method other than Basic.

415

Unsupported Media Type

Colt will returns a HTTP-415 error when the content-type of the request is incorrect. Ensure the request header contains Content-Type: ‘application/x-www-form-urlencoded’ and try again.

001

Validation not met

The format of the posted body is not supported by the endpoint.

The format of the posted body is not supported by the endpoint.

500

Internal server error

Colt will return a HTTP-500 Error when an unknown error occurs. If you receive a HTTP-500 error from the Colt API, please open a support ticket with the original request and the response returned. Please be sure to remove any passwords or sensitive information from the support ticket.

001

Internal error

An unknown internal error occurred

Generic failure message used if no more precise code can be provided.

002

internal error

O Auth server failed.

The server failed to generate access token

503

Service unavailable

Colt will return a HTTP-503 error if the service is unavailable for some reason, such as when there are no servers available to serve the request or if the system is at capacity. If you receive a HTTP-503 error from the Colt API, please try the request again. If you continue to receive HTTP-503 errors, please open a support ticket with the original request and the response returned. Please be sure to remove any passwords or sensitive information from the support ticket.

001

service unavailable

The service is temporarily unavailable

Backend unavailable.

 

AccessManagement_v1.0.0 (1)_1.yaml (4.3 KB)

OAuth 2.0 is the industry-standard protocol for authorization.  This API returns an JSON web token (JWT) which is required to authorize API calls for a given app.

You can request up to 5 CLIENT_ID + CLIENT_Secret per company account.

API features

  • access tokens generated by this API are valid for a limited period (30 mins) which is returned in the API response.
  • If the token expires, this API will need to be called again.

API Rate Limit

An API rate limit will be applied to protect our platforms from excessive resource usage caused by external attacks or misconfiguration from our customers. We will count API requests and return a HTTP 429 (Too Many Requests) response when the quota (XXX) is exceeded. In case you would reach the limit, you will have to wait max YYY secs before we will process again the requests.