OAuth2 Authentication (v2) (Beta)

Beta version

This authentication method is still in beta and may be subject to some changes.

note

This authentication method is supported in:

  • Economic Calendar API (current version - beta).
  • News API.

This authentication method is based on the OAuth 2.0 Client Credentials Grant flow. You will exchange your client credentials for an access token that you will then use to call our APIs.

Step 1: Get your client credentials

At first, in order to use this method, you need to have your public key and your private key, which will be provided to you by our sales department ([email protected]).

Step 2: Obtain an access token from our authorization server

You need to make a HTTP POST request to our authorization server in order to obtain the Access Token.

  • Resource URL: https://authorization.fxstreet.com/v2/token
  • HTTP Method: POST
  • Content-Type: application/x-www-form-urlencoded
  • Response Format: JSON
important

The access token will only be valid for 24 hours.

Warning: Server-side only

This step should only be done on the server-side only. Never send your client credentials from the client side.

If you need to call our APIs from the client side, you should obtain the access token in your server and then send it to your client (so you don't expose the credentials).

Parameters

All parameters are required.

grant_type

For this flow it must be client_credentials.

client_id

This value must be your public key.

client_secret

This value must be your private key.

scope

The scope you are requesting access to.

For the Economic Calendar API, the scope is calendar.

For the News API, the scope is news.

Response

If the credentials are correct and you are allowed to access the requested scope, the authorization server will return a JSON response containing the access_token:

{
"access_token": "pkxvMZk7eRoHT5H3hl8qXwUYt0wDcUlQr4NOpK3vLsUnMzC76h0koyxwKF8N",
"token_type": "Bearer",
"expires_in": 86399
}

Sample

curl -d "grant_type=client_credentials" -d "client_id={public_key}" -d "client_secret={private_key}" -d "scope=calendar" https://authorization.fxstreet.com/v2/token

Step 3: Send the access token to the API

Once you have the access token, you should just add an Authorization header to your API requests in the following format:

Authorization: {token_type} {access_token}
Authorization: Bearer pkxvMZk7eRoHT5H3hl8qXwUYt0wDcUlQr4NOpK3vLsUnMzC76h0koyxwKF8N
curl -X GET -H "Authorization: {token_type} {access_token}" https://calendar-api.fxstreet.com/en/api/v1/marketImpact/assets