Authentication Overview
The V3 APIs follow the standard OAuth 2.0 protocol, supporting both password and client credential grants for secure access to Beeye's platform.
Password Grant
Use your username and password to authenticate with the APIs. Perfect for user-specific operations and testing.
POST /authentication/token
Content-Type: application/x-www-form-urlencoded
Content-Type: application/x-www-form-urlencoded
grant_type: password
username: [your user name]
password: [your password]
Client Credentials
Server-to-server authentication using fixed keys that don't change with user password updates. Ideal for automated integrations and background processes.
Security Note: Client credentials should remain strictly confidential. Only users with "Integrations" access rights can generate these keys.
To obtain your keys:
- Navigate to "My settings" in Beeye
- Click "Get OAuth keys"
- Securely store your generated keys
POST /authentication/token
Content-Type: application/x-www-form-urlencoded
Content-Type: application/x-www-form-urlencoded
grant_type: client_credentials
client_id: [your client id]
client_secret: [your client secret]
Token Response
Both authentication methods return a JSON response with your access credentials:
- AccessToken: Your authentication token for API calls
- TokenType: Bearer (standard OAuth 2.0 format)
- ExpiresIn: Token lifetime in seconds
- UserName: Confirmation of authenticated user
- Expires: Exact expiration timestamp (ISO format)
The response also includes an HTTP cookie with your refresh token for seamless token renewal.
Token Usage & Management
Making API Calls:
Authorization: Bearer [your token]
Token Renewal:
GET /authentication/refresh-token?refreshToken=[your refresh token]
Best Practices:
- Refresh tokens 2-3 minutes before expiration
- Refresh tokens are valid for ~23 hours
- Long-running requests won't fail if token was valid at start