Authentication
All Bluescope apis require an authorisation bearer token to ensure that you have the required roles to execute the api. This uses Microsoft's Oauth2.0 bearer token retrieval api 'https://login.microsoftonline.com/bluescopeltd.onmicrosoft.com/oauth2/token'. Because this is a Microsoft api you wont need a subscription key in the headers.
What is Oauth 2.0?
OAuth 2.0 is the industry standard developed by IETF for providing client applications with “secure delegated access”. Visit the IETF OAuth 2.0 page to read more about the standard.
Getting Access
To register with Oauth please email 'IntegrationSupport@bluescope.com' with the following details;
- Organisation Name
- Buyer Identifiers
Once actioned Bluescope Integration support will send back the following details:
- client_id : the id of the client to represent your organisation.
- client_secret: the secret of the client which represents your organisation.
- resource: the resource url which represents the api who your authenticating against
Retrieving Oauth2.0 Token
Details of how to run the api to get your bearer token can be found:
Microsoft page: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
And/Or