Authentication Overview

Campari APIs use Oauth2 protocol authorization with Client Credentials grant. OAuth 2 is an authorization framework that enables applications to obtain access to HTTP services. It's a three-steps authorization flow as shown in figure below: 1) The developer registers its application to access Campari's service resources (_a_). If Campari authorized the request, the application receives an authorization grant (_b_). This first step is needed only once for every newly created application and it has been explained in [Sign in and Register your application](https://developer.mycampari.com/docs/read/getting_started/Authorize_API_calls) section. 2) The application requests an access token from the authorization server (via an API) by presenting the authorization grant (_c_). If the authorization grant is valid, the authorization server issues an access token to the application (_d_); 3) The application requests the resource from the resource server and presents the access token for authentication (_e_). If the access token is valid, the resource server serves the resource to the application (_f_). The grant type chosen by Campari is the Client Credentials grant type which required the following information: * grant_type: The grant_type parameter must be set to _client_credentials_. * Client Authentication: The client needs to authenticate themselves for this request. This is performed passing additional request parameters as _client_id_ and _client_secret_ Once you have your authorization grant (Step 1 from above) the sequence of API calls is reported in the following diagram: To test an API and the Authorization flow please go head with [Authorize API calls and try it out](https://developer.mycampari.com/docs/read/getting_started/oauth20/Build_a_request) section.