Authentication

Authentication with the Strange Loop API occurs using OAuth tokens. You must include your authentication token as a header on each HTTP request you make like this: Authorization: <token> Your service will obtain its authentication token using an OAuth Client-Credential Flow:

Exchange your client ID and secret with https://customer-console-prod.auth.us-west-2.amazoncognito.com for an access token. The value of the expires_in field in the response is the number of seconds until this token expires.
Store the token along with its expiration date in persistent storage so that it can be re-used on each call. It is important to not request new tokens on each call as your application will be rate limited.
Before making a call to the Strange Loop API, check if the token is expired and, if so, refresh it.
Make the call to the Strange Loop API using the access token.

Here is working code that performs the credential exchange:

  const client_id = process.env.STRANGELOOP_CLIENT_ID;
  const client_secret = process.env.STRANGELOOP_CLIENT_SECRET;

  const options = {
    method: "POST",
    url: "https://customer-console-prod.auth.us-west-2.amazoncognito.com/oauth2/token",
    headers: { "content-type": "application/x-www-form-urlencoded" },
    data: `grant_type=client_credentials&client_id=${client_id}&client_secret=${client_secret}&scope=https://api.strangelooplabs.ai/default`,
  };

  const response = await axios(options);
  const tokenData = {
    token: response.data.access_token,
    expiry: Date.now() + response.data.expires_in * 1000,
  };
  fs.writeFileSync("token.json", JSON.stringify(tokenData));
  return tokenData.token;
};

Automation API

​Authentication

Authentication