Authentication

Authentication

You will need to authenticate using OAuth2 protocol. We use the "Client Credential" grant scenario :

  • [Client credentials] : This method relies on Oauth2 Client-Credentials grant. It aims at securing application to application relations using a CLIENT_ID and CLIENT_SECRET to get an access token which is then used to securely call an API. It covers cases when there is no user related context (session).

Secured API usage : How-to

This flow consists in calling the token endpoint to get an access token using CLIENT_ID / CLIENT_SECRET credentials [provided to you by our teams]

client credentials flow

Get an access token

Global method

In order to get the ACCESS TOKEN you need to call on the following API :

Use url : POST https://oauth2.bouyguestelecom.fr/token

With the following Body (application/x-www-form-urlencoded) : grant_type=client_credentials

And with an Authorization HTTP HEADER structured as follows : BASE 64 encoded version of your CLIENT_SECRET (see bellow for details and example).

How to get the CLIENT_SECRET

CLIENT_SECRET is generated when you requested your app creation using your DEV PORTAL account. You can retrieve them by :

  • login into your private account from "Espace Client Bouygues Telecom Entreprises"
  • go to the APPS sceen (uper right menu) main menu
  • click on the eye logo corresponding to your registred application eye
  • click the show button in order to reveal client id and client secret values

CURL based example :

curl "https://oauth2.bouyguestelecom.fr/token" \
    -H "Authorization: Basic $(echo -n 'CLIENT_ID:CLIENT_SECRET' | base64 -w 0)" \
    -d "grant_type=client_credentials"

Output example :

{
  "access_token": "at-9ebf70bd-1cc6-412d-b1ba-3997f8dcad19",
  "expires_in": 3600,
  "token_type": "Bearer",
  "refresh_credit": 0,
  "scope": "UserConsult"
}

API call

Use the access token to call on the api endpoint on one of our three aforementioned base urls and set the Authorization http header with the following format : Bearer [your access token]. An example with check email api :

GET https://open.api.bouyguestelecom-entreprises.fr/v1/customer-management/bflex-calls-history

curl example :

curl "https://open.api.bouyguestelecom-entreprises.fr/v1/customer-management/bflex-calls-history
     -H "Authorization: Bearer at-9ebf70bd-1cc6-412d-b1ba-3997f8dcad19"