This is an HTTPS-only API and it uses OAuth 2.0 authorization, implementing Authorization Code and Client Credential flows. All requests have to be authenticated via the Authorization header:
curl -H "Authorization: Bearer f4f4994a875f461ca4d4708b9e027df4" \
https://api.competitionsuite.com/v3/groups
Please note that you can choose to send data as JSON or form in all POST requests on this page, as long as the appropriate Content-Type header is included.
OAuth2 Application Keys
You need to create an OAuth2 application before you can use the API. Create one by navigating to your organization > Settings > API and click Create API Key.
Client Credentials Flow
With the Client Credentials flow it is possible to retrieve an access token directly using your application id and application secret:
curl -X POST https://api.competitionsuite.com/v3/oauth2/token \
--data "grant_type=client_credentials" \
--data "client_id={application_id}" \
--data "client_secret={application_secret}"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"token_type":"bearer",
"access_token":"369dbb08be58430086d2f8bd832bc1eb",
"expires_in":7200
}
This token is valid for 2 hours and you should create a new one only after the existing token expires. Expiration will be indicated by the API responding with HTTP 401.