Skip to content

Getting an access token

Last Update: January 3, 2023

Overview

All calls to eAPI require authorization using an OAuth bearer token.

eAPI Authentication system is an OpenID Connect and OAuth implementation used to authenticate and authorize users to access eAPI Services.

If you are a first time user of eAPI you will need to submit an acccount request to eapisupport@maxar.com.

Request

Fetches or refreshes an access token used for eAPI access.

Root url 

https://keycloak.eapi.maxar.com/

POST /realms/general/protocol/openid-connect/token

Request Body 

{
    "grant_type": "password",
    "username": "{{username}}",
    "password": "{{password}}",
    "client_id": "access"
}
The grant type will always be "password" for a token request. Your username is the email address used to set up your eAPI account.

Example using cURL

curl https://keycloak.eapi.maxar.com/realms/general/protocol/openid-connect/token --data "username=your_user_name&password=your_password&grant_type=password&client_id=access"
Make sure you are only copying the "access_token" portion of the response below. This will be needed for requests to eAPI.

Response

{
    "access_token":"{access token}",
    "expires_in":43200,
    "refresh_expires_in":1800,"refresh_token":"{refresh token}",
    "token_type":"Bearer",
    "not-before-policy":0,
    "session_state":"",
    "scope":"email profile"
    }

Token Expiration

API users: A token is valid for 12 hours. Once a token expires, you'll need to request a new one.