Switch Developer Documentation
  • Welcome
  • ⚠️Migration to Auth0
    • Overview
    • Status
    • Switch API
      • Client Credentials Flow
      • Organization Client
      • Token Endpoint
    • OpenADR 3 VTN API
      • VTN Credentials
      • Token Endpoint
  • Getting Started
    • Concepts
    • Guides
      • How to send readings
      • Market operations
      • Conditional agreements
    • Support
  • Switch API
    • Overview
    • Terms of Use
    • Authentication
      • Client Credentials Flow
      • Organization Client
      • Token Endpoint
    • Rate Limiting
    • Errors
    • API Reference
      • Market Zones
      • Products
      • Resources
      • Meters
      • Readings
  • OpenADR 3
    • Overview
    • Authentication
      • VTN Credentials
      • Token Endpoint
    • API Reference
      • Programs
      • Events
      • Reports
      • Subscriptions
      • Vens
    • Webhooks
      • Callback URL verification
      • Domain and IP addresses
      • Best practices
    • Payloads
    • Code samples
  • Libraries
    • .NET SDK
      • SDK Reference
        • IAuthService.Auth
        • IProgramsService.Programs
        • IEventsService.Events
        • IReportsService.Reports
        • ISubscriptionsService.Subscriptions
        • IVensService.Vens
Powered by GitBook
On this page
  • OAuth 2.0
  • Supported authorizations
  • Access Token

Was this helpful?

  1. OpenADR 3

Authentication

PreviousOverviewNextVTN Credentials

Last updated 9 months ago

Was this helpful?

The Switch OpenADR VTN uses the same OAuth 2.0 protocol as the Switchmarket API as described in under the Switch API section.

For more information please refer to page.

OAuth 2.0

OAuth 2.0 is the authorization protocol that is used on all endpoints of Switch API. It allows authorization without the external application getting the user's email address or password. Instead, the external application gets an access token that authorizes access to the user's account. The user can revoke the token for one application without affecting access by any other application. This protocol gives an API client limited access to user data on the web server. OAuth 2.0 relies on authentication scenarios called flows, which allow the resource owner (user) to share the protected content from the resource server without sharing their credentials. For that purpose, an OAuth 2.0 server issues access tokens that the client applications can use to access protected resources on behalf of the resource owner.

For more information about OAuth 2.0, see and .

Supported authorizations

The Switch API supports the authorization for external clients.

Access Token

An Access Token is a piece of data that represents the authorization to access resources on behalf of the end-user. API requests are authenticated using the . To authenticate a request, you need to provide the token in the Authorization header of the request:

curl -H "Authorization: Bearer <your_access_token>" https://api.switchmarket.se/api/me/

Keep your API access tokens secure and do not share them in emails, chat messages, client-side code or publicly accessible sites.

All issued access tokens are tied to a specific Switch user account for which they were created. An access token provides the same level of access and privileges that its associated Switchmarket user account would have.

The Switch platform supports two types of user accounts, user account as a human, and a user account as an application. The recommended way to integrate with the Switchmarket API is to use an application user account. This type of account is known as within the Switch platform.

Authentication
Authentication
oauth.net
RFC 6749
Client Credentials
Bearer Auth scheme
organization client