In order to use any of the MG+ systems, one must first authenticate and receive access a valid token.
Access Token: string received as output of /connect/token method on STS. The string is an encoded authorization object. Each token has its own expiration time.
The service is a standard RESTful service.
STS Endpoint
Find your STS URL. This can be found in MG+ Backoffice (via User Management, then clicking on the info icon of the relevant entity), or given to you by your Account Manager.
STS Methods
To generate an STS Token, provide your Agent Code ID and Agent Secret to STS. In response, you'll receive a JWT token for use in future MG+ API calls.
POST /connect/token
Request Header
Content-Type: “application/x-www-form-urlencoded”
Request Parameters
|
Request Parameter |
Required |
Data Type |
Description |
|---|---|---|---|
|
grant_type |
Yes |
String |
“client_credentials” |
|
client_id |
Yes |
String |
<Agent Code ID> |
|
client_secret |
Yes |
String |
<Agent Secret> provided by MG+ |
Response Data
|
Name |
Data Type |
Description |
|---|---|---|
|
access_token |
String |
RFC7519 compliant JSON Web Token (JWT). |
|
expires_in |
Integer |
Seconds to expiration. |
|
token_type |
String |
Token type. Constant: “Bearer”. |
Errors
|
HTTP Code |
Content |
Description |
|---|---|---|
|
400 |
invalid_request |
Wrong request format. |
|
400 |
invalid_client |
Wrong credentials. |
|
400 |
unsupported_grant_type |
Grant type is not supported. |
|
500 |
general_error |
Server error (rare), please try again. |
Recommended Token Refresh Policy
Each access token has a default expiration time of 60 minutes.
The best practice is to store the access token after it is received, reuse it for all calls while it is valid, and implement a background token refresh procedure (as demonstrated in the API Call Flow under the MG+ Platform Overview section). It's recommended to obtain a new token by calling the /connect/token method 15 minutes before the token expiry time.
The access token is JWT compliant and after it is decoded it will also contain the following fields:
-
nbf – Token validity start UNIX timestamp.
-
exp – Token validity end UNIX timestamp.