OAuth2 Authentication (v1)

note

This authentication method is supported in:

  • News API
  • Daily Market Analysis API
  • Economic Calendar API (deprecated versions: v2 & v4)
  • Market Tools API

This authentication method is partially based on the OAuth 2.0 Client Credentials Grant flow. You obtain an access token that you will then use to call our APIs.

Step 1: Get your client credentials

At first, in order to use this method, you need to have your public key and your private key, which will be provided to you by our sales department ([email protected]).

Step 2: Obtain an access token from our authorization server

You need to make a HTTP POST request to our authorization server in order to obtain the Access Token.

  • Resource URL: https://authorization.fxstreet.com/token
  • HTTP Method: POST
  • Content-Type: application/x-www-form-urlencoded
  • Response Format: JSON
important

The access token will only be valid for 24 hours.

Server-side

Warning

This method is to be used on the server-side only. Never send your client credentials from the client side.

If you need to call our APIs from the client side, please refer to the client-side explanation.

Parameters

All parameters are required.

grant_type

For this case it must be client_credentials.

client_id

This value must be your public key.

client_secret

This value must be your private key.

Response

If the credentials are correct, the authorization server will return a JSON response containing the access_token:

{
"access_token": "pkxvMZk7eRoHT5H3hl8qXwUYt0wDcUlQr4NOpK3vLsUnMzC76h0koyxwKF8N",
"token_type": "Bearer",
"expires_in": 86399
}

Sample

curl -d "grant_type=client_credentials" -d "client_id={public_key}" -d "client_secret={private_key}" https://authorization.fxstreet.com/token

Client-side

Parameters

All parameters are required.

grant_type

For this case it must be domain.

client_id

This value must be your public key.

Response

If the credentials are correct, the authorization server will return a JSON response containing the access_token:

{
"access_token": "pkxvMZk7eRoHT5H3hl8qXwUYt0wDcUlQr4NOpK3vLsUnMzC76h0koyxwKF8N",
"token_type": "Bearer",
"expires_in": 86399
}

Sample

var data = new URLSearchParams()
data.append('grant_type', 'domain')
data.append('client_id', '{public_key}')
fetch('https://authorization.fxstreet.com/token', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
},
body: data
}).then(function (response) {
if (response.ok) {
response.json().then(function (token) {
console.log('Token received')
console.log(token)
})
}
})

Step 3: Send the access token to the API

Once you have the access token, you should just add an Authorization header to your API requests in the following format:

Authorization: {token_type} {access_token}
Authorization: Bearer pkxvMZk7eRoHT5H3hl8qXwUYt0wDcUlQr4NOpK3vLsUnMzC76h0koyxwKF8N
curl -X GET -H "Authorization: {token_type} {access_token}" https://calendar.fxstreet.com/v4/country/GetAll