Environment: TestEnvironment: ProductionEnvironment: Production US
Guides

Authentication

Suggest Edits

Bluestone PIM Management API uses OAuth2 for authentication. This means all calls to the endpoints require a bearer token.

Endpoint to generate a bearer token

Code examples of how to obtain a bearer token:

import requests

AUTH_URL = 'https://idp-us.bluestonepim.com/op/token'
CLIENT_ID = 'YOUR_ID'
CLIENT_SECRET = 'YOUR_SECRET'

def get_token():
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
    }
    data = {
        'grant_type': 'client_credentials',
        'client_id': CLIENT_ID,
        'client_secret': CLIENT_SECRET,
    }
    response = requests.post(AUTH_URL, headers=headers, data=data)
    return response.json()['access_token']

if __name__ == "__main__":
    token = get_token()
    print('Access Token:', token)


const axios = require('axios');

const AUTH_URL = 'https://idp.test.bluestonepim.com/op/token';
const CLIENT_ID = 'YOUR_ID';
const CLIENT_SECRET = 'YOUR_SECRET';

async function getToken() {
    try {
        const response = await axios.post(AUTH_URL, new URLSearchParams({
            grant_type: 'client_credentials',
            client_id: CLIENT_ID,
            client_secret: CLIENT_SECRET
        }).toString(), {
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded'
            }
        });
        return response.data.access_token;
    } catch (error) {
        console.error('Error fetching token:', error);
    }
}

(async () => {
    const token = await getToken();
    console.log('Access Token:', token);
})();


import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;

public class OAuthClient {
    private static final String AUTH_URL = "https://idp.test.bluestonepim.com/op/token";
    private static final String CLIENT_ID = "YOUR_ID";
    private static final String CLIENT_SECRET = "YOUR_SECRET";

    public static void main(String[] args) {
        try {
            String token = getToken();
            System.out.println("Access Token: " + token);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private static String getToken() throws Exception {
        try (CloseableHttpClient client = HttpClients.createDefault()) {
            HttpPost post = new HttpPost(AUTH_URL);
            post.setHeader("Content-Type", "application/x-www-form-urlencoded");

            StringEntity entity = new StringEntity(
                "grant_type=client_credentials&client_id=" + CLIENT_ID + "&client_secret=" + CLIENT_SECRET);
            post.setEntity(entity);

            try (CloseableHttpResponse response = client.execute(post)) {
                String responseBody = EntityUtils.toString(response.getEntity());
                JSONObject json = new JSONObject(responseBody);
                return json.getString("access_token");
            }
        }
    }
}

Updated 5 months ago