API access
In order to access the Chariot API, you will need to authenticate requests using the OAuth 2.0 Client Credentials flow.
- OAuth 2.0 Access Token: This is a JWT that should be provided as a Bearer token in the Authorization header for all API endpoints. This Access Token is temporary and once it expires you can request a new one. We recommend you save these tokens somewhere safe and re-use them until they expire so you can avoid having to re-fetch which can add latency to your requests.
To obtain the necessary client_id
and client_secret
please email [email protected].
Getting an OAuth2.0 Access Token for your API
You can execute a client credentials exchange to get an access token for Chariot. Here are a few examples in a variety of languages. Replace any CLIENT_ID
and CLIENT_SECRET
with the ones privately shared with you. Note that in this example we are retrieving an access token for the Chariot Sandbox environment. If you wanted to retrieve an access token for the Chariot Production environment, you would use the following URL https://login.givechariot.com/oauth/token
with Production environment specific OAuth Client Credentials.
curl --request POST \
--url https://chariot-sandbox.us.auth0.com/oauth/token \
--header 'content-type: application/json' \
--data '{"client_id":"CLIENT_ID","client_secret":"CLIENT_SECRET","audience":"https://api.givechariot.com","grant_type":"client_credentials"}'
var client = new RestClient("https://chariot-sandbox.us.auth0.com/oauth/token");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://chariot-sandbox.us.auth0.com/oauth/token"
payload := strings.NewReader("{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("content-type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
HttpResponse<String> response = Unirest.post("https://chariot-sandbox.us.auth0.com/oauth/token")
.header("content-type", "application/json")
.body("{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}")
.asString();
var settings = {
"async": true,
"crossDomain": true,
"url": "https://chariot-sandbox.us.auth0.com/oauth/token",
"method": "POST",
"headers": {
"content-type": "application/json"
},
"data": "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}"
}
$.ajax(settings).done(function (response) {
console.log(response);
});
var request = require("request");
var options = { method: 'POST',
url: 'https://chariot-sandbox.us.auth0.com/oauth/token',
headers: { 'content-type': 'application/json' },
body: '{"client_id":"CLIENT_ID","client_secret":"CLIENT_SECRET","audience":"https://api.givechariot.com","grant_type":"client_credentials"}' };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://chariot-sandbox.us.auth0.com/oauth/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}",
CURLOPT_HTTPHEADER => array(
"content-type: application/json"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
import http.client
conn = http.client.HTTPSConnection("chariot-sandbox.us.auth0.com")
payload = "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}"
headers = { 'content-type': "application/json" }
conn.request("POST", "/oauth/token", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
require 'uri'
require 'net/http'
url = URI("https://chariot-sandbox.us.auth0.com/oauth/token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request.body = "{\"client_id\":\"CLIENT_ID\",\"client_secret\":\"CLIENT_SECRET\",\"audience\":\"https://api.givechariot.com\",\"grant_type\":\"client_credentials\"}"
response = http.request(request)
puts response.read_body
Response:
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlBfNkVWSWt0S2p5ZkhNNWdET3RMaSJ9.eyJpc3MiOiJodHRwczovL2NoYXJpb3QtZGV2LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJXSXpEaWVPaWY4a3Z0T2gxZUlxcGRTaDRUOWtYeFR0MUBjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuZ2l2ZWNoYXJpb3QuY29tIiwiaWF0IjoxNjc4MzI2MTUwLCJleHAiOjE2Nzg0MTI1NTAsImF6cCI6IldJekRpZU9pZjhrdnRPaDFlSXFwZFNoNFQ5a1h4VHQxIiwic2NvcGUiOiJyZWFkOnVzZXJzIHJlYWQ6dXNlciB1cGRhdGU6dXNlcnMgdXBkYXRlOnVzZXIgZGVsZXRlOnVzZXJzIGRlbGV0ZTp1c2VyIHJlYWQ6bm9ucHJvZml0cyByZWFkOm5vbnByb2ZpdCB1cGRhdGU6bm9ucHJvZml0cyB1cGRhdGU6bm9ucHJvZml0IGRlbGV0ZTpub25wcm9maXRzIGRlbGV0ZTpub25wcm9maXQgbGlzdDpncmFudHMgcmVhZDpncmFudHMgdXBkYXRlOmdyYW50cyBjcmVhdGU6Y29ubmVjdCByZWFkOmNvbm5lY3RzIHJlYWQ6Y29ubmVjdCB1cGRhdGU6Y29ubmVjdHMgdXBkYXRlOmNvbm5lY3QgZGVsZXRlOmNvbm5lY3RzIGRlbGV0ZTpjb25uZWN0IGV4Y2hhbmdlOnRva2VuIGNyZWF0ZTpncmFudHMgY3JlYXRlOnNhbmRib3ggcmVhZDpzYW5kYm94IGNyZWF0ZTpjb25uZWN0cyBsaXN0OmNvbm5lY3RzIGNyZWF0ZTpub25wcm9maXRzIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIiwicGVybWlzc2lvbnMiOlsicmVhZDp1c2VycyIsInJlYWQ6dXNlciIsInVwZGF0ZTp1c2VycyIsInVwZGF0ZTp1c2VyIiwiZGVsZXRlOnVzZXJzIiwiZGVsZXRlOnVzZXIiLCJyZWFkOm5vbnByb2ZpdHMiLCJyZWFkOm5vbnByb2ZpdCIsInVwZGF0ZTpub25wcm9maXRzIiwidXBkYXRlOm5vbnByb2ZpdCIsImRlbGV0ZTpub25wcm9maXRzIiwiZGVsZXRlOm5vbnByb2ZpdCIsImxpc3Q6Z3JhbnRzIiwicmVhZDpncmFudHMiLCJ1cGRhdGU6Z3JhbnRzIiwiY3JlYXRlOmNvbm5lY3QiLCJyZWFkOmNvbm5lY3RzIiwicmVhZDpjb25uZWN0IiwidXBkYXRlOmNvbm5lY3RzIiwidXBkYXRlOmNvbm5lY3QiLCJkZWxldGU6Y29ubmVjdHMiLCJkZWxldGU6Y29ubmVjdCIsImV4Y2hhbmdlOnRva2VuIiwiY3JlYXRlOmdyYW50cyIsImNyZWF0ZTpzYW5kYm94IiwicmVhZDpzYW5kYm94IiwiY3JlYXRlOmNvbm5lY3RzIiwibGlzdDpjb25uZWN0cyIsImNyZWF0ZTpub25wcm9maXRzIl19.nvRxt8u6Pynevl4H2zoskkZ4xxTwwAhauuE0Tko42vcZ8bSMAOHSQlV3Wvolqy9YIcYgQa9vWJ4BjaD62bBS7dmZJT9KmzV4dOaZV91hFfWY-rcgYQQIWE2RGUv6ptmjGjE2n15-eiPs7fWtPBD4rV7Y5hAkfkDkubtLtxvBhTP8SZZps0lQUoMQf0eKH1jLqdeXAy52Gi5ui25uc1iVB-rUdjLyK6GMO5hfeNMmuSs0rprXhTR9J0jreEL0I2-8lnyIbSSdHhj-tyaUbeVXhUt7ApatcMARAgqqp-anBUi00vux4ePl9O2xN8Lxo0vA5na7C53lken0PyRVCbXAyw",
"scope": "create:nonprofits read:nonprofits create:connects read:connects create:grants read:grants",
"expires_in": 86400,
"token_type": "Bearer"
}