The API endpoints are protected and, therefore, require you to authenticate using an API token.

Accessing the API

  1. Request the client_secret from the Pontaltech team; it will be used to authenticate at the auth/token route.
  2. Once you have the client_secret, simply include the grant_type and client_secret in the body of the request in the following format:
curl -L -X POST 'https://pointer-rcs-api-node.pontaltech.com.br/oauth/token' \
-H 'Accept: application/x-www-form-urlencoded' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d '{"grant_type": "client_credentials", "client_secret": "<client_secret>"}'

Replace <client_secret> with your client_secret.

If the grant_type is correct, you will receive a response in this format:

{
	"access_token": "<access.token>",
	"expires_in": "<time>",
	"token_type": "Bearer"
}

Use your token

You can authenticate by adding an Authorization header to all your HTTP calls. The Authorization header is formatted as follows: Authorization: Bearer <access.token> (replace <access.token> with your previously generated token). Also, add the X-Auth-Type property with the value JWT to all your HTTP calls.

Example:

curl -L -X GET 'https://pointer-rcs-api-node.pontaltech.com.br/api/v3/templates' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer myAwesomeToken' \
-H 'X-Auth-Type: JWT' \