Authentication
This guide walks users through how to use authenticate requests using the Alluvial APIs.
Client Credentials Flow
Below is a ladder diagram showing the flow to create an access token.
This flow involves 3 parties:
Platform Server: the client looking to access the Alluvial API and which has previously been given a Client ID and Client Secret credentials.
Alluvial Authorization Server: responsible for validating credentials and generating JWT Access Token.
Alluvial API: the target resource to be accessed.

To obtain a Client ID and Client Secret reach out to your Alluvial representative.
Getting Access Token
To obtain an access token, use the a request below using your client id and secret.
Request:
curl 'https://auth.alluvial.finance/oauth/token' \
--header 'content-type: application/json' \
--data '{
"audience": "https://api.staging.alluvial.finance",
"grant_type": "client_credentials",
"client_id": "<YOUR_CLIENT_ID>",
"client_secret": "<YOUR_CLIENT_SECRET>"
}'
Response:
{
"access_token": "eyJhbGci…CVm5g",
"scope": "read:eth-oracle read:eth-contracts read:eth-operators",
"expires_in": 86400,
"token_type": "Bearer"
}
Refreshing Access Token
Access Token should be reused for every request until it expires, in which case they should go through the Client Credential Flow again to obtain a fresh Access Token.
Sample request
To use the access token, pass it via the HTTP header Authorization: Bearer
curl 'https://api.staging.alluvial.finance/v0/wallets/0x2B7ff5d4C14A9Da8d5C9354c7A52aB40DdC1C01e' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer eyJh...b'
If you receive a 2xx response, you are now able to make fully authenticated requests.
If you receive a 4xx response, check if your access token is expired.
You are now ready to make requests! Please check out our guides on staking and redemptions.
Last updated
Was this helpful?