Akoya Service token API OpenAPI specification

By hovering on the code, a clipboard icon will appear on the top right. Use it to copy the code. Then paste into your favorite text or code editor and save as a YAML file.

openapi: 3.1.0
x-stoplight:
  id: udb9jqji44c0s
info:
  title: Akoya Service Token API v1.0.1
  version: 1.0.1
  description: "v1.0.1 update\r\n- 9/26/2024\r\n    - Updated scope values to use `app_management_v2` for Apps Management API in the wake of the v1 deprecation. Added callout for the same.\r\n- 6/30/2024\r\n    - Added scope for the Consent notifications API: `scope=notifications_subscriptions advisory`\r\n    - Added a callout explaining the difference in scope for the Management and Notifications APIs.\r\n\r\nAkoya service tokens. Default servers are set for the Akoya sandbox environment."
  contact:
    name: API Support
    url: 'http://www.akoya.com'
    email: [email protected]
  license:
    name: Akoya Terms of Use
    url: 'https://recipient.ddp.akoya.com/terms-of-use'
servers:
  - url: 'https://sandbox-sts.ddp.akoya.com/oauth2'
    description: Sandbox IdP server
  - url: 'https://sts.ddp.akoya.com/oauth2'
    description: Production IdP server
security:
  - BasicAuth: []
tags:
  - name: Service tokens
    description: Tokens
paths:
  /token:
    post:
      summary: Service token
      tags:
        - Service tokens
      responses:
        '200':
          description: Token
          content:
            application/x-www-form-urlencoded:
              schema:
                type: object
                x-examples:
                  Example 1:
                    access_token: ory_at_LIex7POO...47uYQ
                    expires_in: 86399
                    scope: alps
                    token_type: bearer
                properties:
                  access_token:
                    type: string
                  expires_in:
                    type: integer
                  scope:
                    type: string
                  token_type:
                    type: string
              examples:
                Successful response:
                  value:
                    access_token: ory_at_LIex7POOM-P86yZqMbg-8TXP47uYQ...
                    expires_in: 86399
                    scope: alps
                    token_type: bearer
        '404':
          description: Not Found
      operationId: post-service-token
      description: "> \U0001F6D1 The `alps` scope is deprecated\n>\n> The previous scope value of `alps` for Apps Management API is being deprecated with version 1. `app_management_v2` should be used going forward. See the [v2 migration guide](https://docs.akoya.com/reference/management-api-v2-migration-guide) for more information.\n\n> \U0001F6A7 Requirements\n>\n> To create a service token, you'll need a client id and secret. You can access these by logging into the [*Data Recipient Hub*](https://recipient.ddp.akoya.com/login)\n\nUse the service token endpoint to generate an access token which will last for 24 hours. \n\nThe header must contain Basic Auth (your `clientId` and `secret` base64 encoded), and the body of the request requires the scope specifying the service. After the token expires, use this endpoint to generate a new one.\n\n> \U0001F4D8 The scope for the Apps Management and Notifications APIs are different\n>\n>  Use `app_management_v2` for Apps Management and `notifications_subscriptions advisory` for Notifications."
      x-stoplight:
        id: 73inysori11et
      requestBody:
        $ref: '#/components/requestBodies/serviceTokenRequest'
      x-internal: false
components:
  securitySchemes:
    BasicAuth:
      type: http
      scheme: basic
      description: 'For Basic Auth, use your `client_id` and `client_secret` for username & password'
  requestBodies:
    serviceTokenRequest:
      content:
        application/x-www-form-urlencoded:
          schema:
            type: object
            required:
              - grant_type
              - scope
            properties:
              grant_type:
                description: 'Defaults to `client_credentials`, your `clientId` and `clientSecret`.'
                default: client_credentials
                enum:
                  - client_credentials
              scope:
                x-stoplight:
                  id: 29arf8czyssgs
                description: The Akoya service accessed by provided credentials.
                default: app_management_v2
                enum:
                  - app_management_v2
                  - notifications_subscriptions advisory
      description: 'Set the parameters used for your service token. Indicate "grant_type = client credentials" and specify the `scope` of the token for the Akoya service you''re using. For instance, for the Akoya Management API, `scope=app_management_v2` or for the Notifications API, `notifications_subscriptions advisory`.'
x-internal: false

Change log

DateUpdate
2024-Sept-26Updated scope values to use app_management_v2 for Apps Management API in the wake of the v1 deprecation. Added callout for the same.
2024-Sept-09Original

Need help?

Check out our Developer Community, or visit the Support Center in the Data Recipient Hub.

Looking for provider nuance documentation?

All provider nuance documentation is available in the Data providers section in the Data Recipient Hub.

Still stuck?

For all production issues, submit a support ticket through the Data Recipient Hub. Our support team is standing by 24/7. Questions and non-production issues will be answered during business hours.