Authentication - OAuth 2.0

Van Marcke APIs are protected by the OAuth authentication protocol. A valid access token is required to consume an API. This token has to be included as HTTP header “Authorization” of type “Bearer Token” (https://tools.ietf.org/html/rfc6750).

Supported OAuth 2.0 grant types:

Authorization Code (https://tools.ietf.org/html/rfc6749#section-1.3.1): preferred solution when calling the APIs with the Van Marcke end-user.
Resource Owner Password (https://tools.ietf.org/html/rfc6749#section-1.3.3): preferred solution when calling the APIs with a service user.
Client Credentials (https://tools.ietf.org/html/rfc6749#section-1.3.4): preferred solution when calling the APIs without user interaction.
Refresh Token (https://tools.ietf.org/html/rfc6749#section-1.5): retrieve a new access token using the refresh token.

💡 Please note that when using the OAuth 2.0 Client Credentials Grant, API responses will be generic and not tailored to a specific customer. This approach does not include the end customer context required for features such as customer-specific pricing or country-related product offerings.

OAuth - OpenID Connect (OIDC) Configuration Endpoints

Test environment: https://api-test.vanmarcke.com/v1/oauth/.well-known/openid-configuration
Production environment: https://api.vanmarcke.com/v1/oauth/.well-known/openid-configuration

Van Marcke Integration

Authentication - OAuth 2.0

Related content