This guide shows how to authenticate with the Corti API using OAuth 2.0 client credentials.
Authenticate using code examples For JavaScript , we recommend using the Corti JavaScript SDK , which handles authentication automatically. If you need to implement OAuth manually, see the examples below for other languages.
Code examples // Replace these with your values const CLIENT_ID = "<your client id>" ; const CLIENT_SECRET = "<your client secret>" ; const ENV = "<eu-or-us>" ; // "eu" or "us" const TENANT = "<your tenant>" ; // for example "base" async function getAccessToken () { const tokenUrl = `https://auth. ${ ENV } .corti.app/realms/ ${ TENANT } /protocol/openid-connect/token` ; const params = new URLSearchParams (); params . append ( "client_id" , CLIENT_ID ); params . append ( "client_secret" , CLIENT_SECRET ); params . append ( "grant_type" , "client_credentials" ); params . append ( "scope" , "openid" ); const res = await fetch ( tokenUrl , { method: "POST" , headers: { "Content-Type" : "application/x-www-form-urlencoded" }, body: params }); if ( ! res . ok ) { throw new Error ( `Failed to get token, status ${ res . status } ` ); } const data = await res . json (); return data . access_token ; } // Example usage getAccessToken (). then ( token => { console . log ( "Access token:" , token ); }). catch ( err => { console . error ( "Error:" , err ); });
Tokens expire after 300 seconds (5 minutes), refresh as needed.
