Chat with us, powered by LiveChat Skip to main content
Echo360 Status:

EchoVideo: Generating Client Credentials to Obtain Access Token

Brock Winfrey
  • Updated

To use either of the public APIs, you need to obtain an access token to authorize your API calls.

To get an access token, you must submit your client credentials to the authorization endpoint (which then returns an access token and a refresh token).

You must create a custom client configuration in the EchoVideo UI to get client credentials. Don't worry; this part is easy.

Be prepared to copy the ID and Secret you generate to a separate (but secure) location; you will receive this information only once. If you lose it and need it later, you must generate a new API client.

To generate API client credentials

  1. Log in as an administrator.
  2. Click the Settings icon in the upper-right corner of the screen.
  3. From the Settings menu, select Institution Settings.

    General settings appears and Basic Info is selected by default.

  4. From the left column, select Integration.
  5. From the Settings menu, select Institution Settings.

    API Clients is selected by default.

    Institution configurations page for API client configurations
  6. Disable the Password Credentials slider if desired.

    The Grant Types sliders are both enabled by default.

  7. Enter a Client Label that identifies this client and its use.
    Institution configurations page for API client configurations with Client Label populated and Password Credentials slider disabled
  8. Click Save.
    A popup box appears containing the Client ID and Client Secret, both required to generate the initial access token to use with API calls.
    client ID and secret generated for access as described
  9. Copy and paste the Client ID and Secret into Notepad or another location. You will NOT receive the secret again. However, the Client ID will be available in the Existing Client list for the client you are creating. The new one will appear at the top of the Existing Clients list if you have multiple API client configurations. They are organized by most recently created at the top of the list.
    Completed API client configuration shows under Existing CLients

The Client ID and refresh token can be used to generate a new access token, meaning you only need to provide the ID and Secret once to obtain the first access token and a refresh token. Access tokens expire after one hour; refresh tokens never expire but can only be used once. New refresh tokens are generated with each access token.

At this point, you can run a POST call to the access token endpoint using your preferred API client or use the access token endpoint available through Swagger Docs.

Related to