Calling the API

How to use your access token for API requests.

Using Your Access Token

Once you have successfully obtained an access token using one of the supported OAuth 2.0 grant types, you need to include it in your requests to the Rightbrain API.

Rightbrain expects the access token to be sent in the Authorization HTTP header using the Bearer authentication scheme.

Header Format:

Authorization Header
Authorization: Bearer <YOUR_ACCESS_TOKEN>

Replace <YOUR_ACCESS_TOKEN> with the actual access_token value you received from the token endpoint.

Example API Call (curl):

This generic example shows how to include the Authorization header. Remember to replace:

  • ${TOKEN} with your actual access token (or use the variable if set).
  • <API_ENDPOINT_URL> with the specific Rightbrain API endpoint you want to call.
  • The HTTP method (-X POST) and body (-d '...') as required by the specific endpoint.

Example API Call with Bearer Token
# Ensure your access token is stored in the TOKEN variable or replace ${TOKEN}
TOKEN="<YOUR_ACCESS_TOKEN>"

curl -X POST \
  -H "Authorization: Bearer ${TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{"parameter": "value"}' \
  <API_ENDPOINT_URL>

Important Considerations

Token Lifetime Management
  • Expiration: Access tokens have a limited lifetime. If you receive an authentication error (like a 401 Unauthorized), your token may have expired.
  • Refreshing (Authorization Code / PKCE): If you obtained a refresh token (using the Authorization Code or PKCE flow with the offline_access scope), use the refresh token grant to get a new access token. Refer back to the specific grant type documentation (Authorization Code, PKCE) for details.
  • No Refreshing (Client Credentials): Tokens obtained via the Client Credentials grant cannot be refreshed. When the old token expires, you must request a completely new one using the Client Credentials flow.

Security
  • Keep your access tokens secure, just like passwords. Avoid exposing them in client-side code or insecure logs.
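
The Client Credentials lifetime rules and the logging advice above, as an added Python example (not Rightbrain's own code): it caches the token, requests a new one shortly before expiry or after a 401, retries once, and keeps the token out of repr output. Assumptions: fetch_token and send are hypothetical callables standing in for the token endpoint and the API call, the token response carries the standard OAuth 2.0 expires_in field, and the 30-second skew is an arbitrary choice.

```python
import time

class BearerClient:
    """Caches a Client Credentials access token; re-requests it on expiry or 401."""

    def __init__(self, fetch_token, send, clock=time.monotonic, skew=30):
        self._fetch_token = fetch_token  # hypothetical: () -> {"access_token", "expires_in"}
        self._send = send                # hypothetical: (headers, body) -> (status, text)
        self._clock, self._skew = clock, skew
        self._token, self._expires_at = None, 0.0

    def __repr__(self):                  # keep the token out of logs and tracebacks
        return "BearerClient(token=<redacted>)"

    def _bearer(self, force=False):
        # Request a new token if forced, missing, or within `skew` seconds of expiry.
        if force or self._token is None or self._clock() >= self._expires_at - self._skew:
            resp = self._fetch_token()
            self._token = resp["access_token"]
            self._expires_at = self._clock() + resp["expires_in"]
        return {"Authorization": f"Bearer {self._token}",
                "Content-Type": "application/json"}

    def call(self, body):
        status, text = self._send(self._bearer(), body)
        if status == 401:                # token rejected: get a new one, retry once
            status, text = self._send(self._bearer(force=True), body)
        return status, text

def demo():
    """Constructed stand-ins for the token endpoint and the API; no network I/O."""
    issued, revoked, now = [], set(), [0.0]
    def fetch_token():
        issued.append(f"tok-{len(issued) + 1}")
        return {"access_token": issued[-1], "expires_in": 3600}
    def send(headers, body):
        token = headers["Authorization"].split(" ", 1)[1]
        ok = token == issued[-1] and token not in revoked
        return (200, "ok") if ok else (401, "Unauthorized")
    client = BearerClient(fetch_token, send, clock=lambda: now[0])
    log = [(client.call("{}")[0], len(issued))]        # first call fetches tok-1
    log.append((client.call("{}")[0], len(issued)))    # cached token reused
    now[0] = 3590.0                                    # inside the 30 s skew window
    log.append((client.call("{}")[0], len(issued)))    # proactive re-request
    revoked.add(issued[-1])                            # server rejects the token early
    log.append((client.call("{}")[0], len(issued)))    # 401 -> new token -> retry
    return log

if __name__ == "__main__":
    print(demo(), repr(BearerClient(None, None)))
```

The single retry is deliberate: a second 401 on a freshly issued token points to a credential or scope problem, which another token request will not fix.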