Authentication
All API methods require an OAuth 2.0 Bearer token to be provided in the Authorization header for each HTTP request. The Bearer token can be obtained from the authentication server using OAuth 2.0 client credentials flow.
The client ID and client secret are provided in Sectigo Certificate Manager. These are provided to the authentication server to get an access token.
Use the code examples in the Create access token page to create an access token on your local machine. If successful, the response will contain an access_token field that can be used as the Bearer token value in the Authorization header in other API calls
The expires_in parameter in the response states the lifetime of the access token in seconds.
Security is maintained since the access token is generated locally and all API requests using the token are sent directly from your browser.
For more details, see Client Credentials and Making Authenticated Requests
Updated 29 days ago