Step 1: Retrieve bearer token
API authentication takes place by requesting a bearer token from the WMDA Azure AD. This is performed by performing an API call to the Microsoft AD. There are client libraries available for many different platforms. You can find those here:
https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-v2-libraries
A CURL command would be:
curl --location --request POST 'https://login.microsoftonline.com/c3ab1869-1472-4577-b669-0d64c732e75c/oauth2/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'client_id=<YOURCLIENTID>' \ --data-urlencode 'client_secret=<YOURCLIENTSECRET>' \ --data-urlencode 'resource=<RESOURCE_ID_FOR_APPLICATION_YOU_WANT_TO_ACCESS>'
Below is a list of resource ID's for applications that use this authentication method:
Search and Match V2 (launched 4 July 2022):
5df05a6d-8ef0-49fe-9441-62cd9b540376
You will then receive the following:
{
"token_type": "Bearer",
"expires_in": "3599",
"ext_expires_in": "3599",
"expires_on": "1642763674",
"not_before": "1642759774",
"resource": "1da84816-4337-44d3-a782-b6abebaf6710",
"access_token": "<Obfuscated for clarity and security>"
}
You can find documentation and a Postman collection with the relevant call here:
https://documenter.getpostman.com/view/7271683/UVXomZD2
Click "run in postman" if you want to run it in your local postman install or on the web.
Step 2: Authenticating with WMDA APIs
The bearer token retrieved in the previous step can then be used to authenticate future requests to the WMDA API. You do this by adding an "authorization" header with the following content:
Bearer <access token>