Skip to main content
To interact with the NexusOne API, you must authenticate using either OAuth or an API key.

Get your OAuth access token

When you purchase and deploy NexusOne, the deployment script does the following:
  1. Creates your client ID and secret in Keycloak.
  2. Assigns the default NexusOne roles to the client’s service account.
  3. You can then use the client ID and secret, along with a profile scope, to generate the token.
If you aren’t an administrator, then you must ask your administrator to assign a role to your user account.
Here is an example showing how to use a cURL command to generate an access token after getting your client ID and secret in Keycloak.
  1. Install the latest version of jq.
  2. Create a variable for the client name, ID, and secret. 
    export client_name=companyA
export client_id=myID
export client_secret=mySecret
  3. Generate the access token. 
    curl -sX POST "https://sso.prod.nx1cloud.com/realms/$client_name/protocol/openid-connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "scope=profile" \
  -d "client_id=$client_id" \
  -d "client_secret=$client_secret" | jq
  4. After generating the access token, you should see a similar output. Copy the value of access_token, the long string inside the quotes. 
    {
  "access_token": "ThisIsALongAccessTokenStringCopyIt",
  "expires_in": 600,
  "refresh_expires_in": 0,
  "token_type": "Bearer",
  "not-before-policy": 0,
  "scope": "email openid profile"
}
API endpoints such as Creates query for a card require authentication. The API endpoints expects you to use an OAuth2AuthorizationCodeBearer security method and also add the access token value in the Authorization attribute before sending an API call.

Get your API key

To obtain your API key, follow these steps:
  1. Purchase NexusOne and deploy it.
  2. You receive an API key. If the Nexus Cognitive team is managing the deployed environment for you, then you can request the API key at any time.
API endpoints such as Creates query for a card require authentication. The API endpoints expect you to use an APIKeyHeader security method and add the API key value in the Authorization-PSK attribute before sending an API call.