Obtain an Access Token

To obtain an access token, make the following POST request to the Auth endpoint.

Tip

Use the returned accessToken in the Authorization header for subsequent API requests.

Attention

Never expose clientSecret in frontend code. Exchange credentials only from trusted backend services.

Request and response

Request

HTTPcurlJavaScriptPythonGoRust

POST /sandbox/auth HTTP/1.1
Host: api.conomyhq.com
x-api-key: {YOUR_API_KEY}
conomyhq-api-version: 24-04-2025
User-Agent: MyApp/1.0
Content-Type: application/json
Accept: application/json

{
  "clientId": "{YOUR_CLIENT_ID}",
  "clientSecret": "{YOUR_CLIENT_SECRET}"
}

curl -X POST 'https://api.conomyhq.com/sandbox/auth' \
  -H 'x-api-key: {YOUR_API_KEY}' \
  -H 'conomyhq-api-version: 24-04-2025' \
  -H 'User-Agent: MyApp/1.0' \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -d '{
    "clientId": "{YOUR_CLIENT_ID}",
    "clientSecret": "{YOUR_CLIENT_SECRET}"
  }'

const response = await fetch('https://api.conomyhq.com/sandbox/auth', {
  method: 'POST',
  headers: {
    'x-api-key': '{YOUR_API_KEY}',
    'conomyhq-api-version': '24-04-2025',
    'User-Agent': 'MyApp/1.0',
    'Content-Type': 'application/json',
    'Accept': 'application/json',
  },
  body: JSON.stringify({
    "clientId": "{YOUR_CLIENT_ID}",
    "clientSecret": "{YOUR_CLIENT_SECRET}"
  }),
});

const data = await response.json();

import requests

payload = {
  "clientId": "{YOUR_CLIENT_ID}",
  "clientSecret": "{YOUR_CLIENT_SECRET}"
}

response = requests.post(
    'https://api.conomyhq.com/sandbox/auth',
    headers={
    'x-api-key': '{YOUR_API_KEY}',
    'conomyhq-api-version': '24-04-2025',
    'User-Agent': 'MyApp/1.0',
    'Content-Type': 'application/json',
    'Accept': 'application/json',
    },
    json=payload,
)

data = response.json()

package main

import (
	"bytes"
	"net/http"
)

func main() {
	payload := []byte(`{
  "clientId": "{YOUR_CLIENT_ID}",
  "clientSecret": "{YOUR_CLIENT_SECRET}"
}`)
	body := bytes.NewReader(payload)
	req, _ := http.NewRequest("POST", "https://api.conomyhq.com/sandbox/auth", body)
	req.Header.Set("x-api-key", "{YOUR_API_KEY}")
	req.Header.Set("conomyhq-api-version", "24-04-2025")
	req.Header.Set("User-Agent", "MyApp/1.0")
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("Accept", "application/json")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
}

use reqwest::Client;
use serde_json::json;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let client = Client::new();
    let payload = json!({
  "clientId": "{YOUR_CLIENT_ID}",
  "clientSecret": "{YOUR_CLIENT_SECRET}"
});

    let response = client
        .post("https://api.conomyhq.com/sandbox/auth")
        .header("x-api-key", "{YOUR_API_KEY}")
        .header("conomyhq-api-version", "24-04-2025")
        .header("User-Agent", "MyApp/1.0")
        .header("Content-Type", "application/json")
        .header("Accept", "application/json")
        .json(&payload)
        .send()
        .await?;

    let data: serde_json::Value = response.json().await?;
    Ok(())
}

Response

200

{
  "accessToken": "{ACCESS_TOKEN}",
  "tokenType": "Bearer",
  "expiresIn": 3600
}