Unity's API ensures the validity and identity of each API request through authentication in order to securely transfer data that belongs to your organization. The API makes use OAUTH 2.0 client credentials flow for authentication.
Begin by creating a set of API keys in the Unity portal under the section, "API". Do not hardcode the secret and expose it in version control or an environment where others may easily misappropriate it. Instead, a recommendation would be to store this data in a secrets management service (e.g. AWS Secrets Manager, Azure Key Vault, Hashicorp Vault, etc.) and dynamically fetch it when required.
Tokens
To authenticate and receive an access token make a POST request to https://auth.api.unity.tetratrust.com/oauth2/token with the appropriate scopes.
See Scopes for more details.
Tokens have a lifecycle of 15 minutes before they expire.
Header parameters
AuthorizationisBasic Base64Encode(client_id:client_secret)Content-Typemust be'application/x-www-form-urlencoded'
Body
grant_typemust beclient_credentialsscopeis optional for any scopes you wish to restrict this token to.
API Calls
Base URL
http://api.unity.tetratrust.com
Header parameters
x-api-keyis your organization'sclient_id.Authorizationis your access key retrieved from the token call