Migration from v1 to v2
Example application
We have updated our example application to work with API v2. Download the updated example application.
Why did we migrate?
The migration to API v2 was driven by security improvements. We updated the authentication method to follow the Client Credentials flow of the OAuth 2.0 specification, replacing the legacy API key-only approach. This makes the integration more secure, better aligned with industry standards, and easier to audit.
What changed?
New Token Endpoint
The /authentication endpoint has been updated. Key changes:
-
The token endpoint is now hosted on a separate Identity server at
https://identity.example.com. See the Authentication section of the API Reference for details. -
You must URL-encode your client secret before using it. Use urlencoder.org to encode it.
-
The
Authorizationheader must use theBasicscheme with a base64-encoded string of<ClientID>:<URL_Encoded_ClientSecret>. -
The request body must include:
grant_type=client_credentialsscope=platform_upload_api- Content-Type:
application/x-www-form-urlencoded
Example token request
curl --location 'https://identity.example.com/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic NTQ3MUUwMTAtRERFRS00Qzk4LUZGOEYtMDhEQjIyNDVFMzczOjdyZzZHdCtoVWlvYnRYSTlKYjM3ejJ2dHJodzFDRWdEa3dGWmNNYk41WWM9' \
-d 'grant_type=client_credentials&scope=platform_upload_api'
Upload API Endpoint
No major changes were made to the /UploadData request payload. However, the base URL for the Upload server has changed to https://web.example.com.
To authenticate requests, pass the token from the Identity server in the Authorization header using the Bearer scheme: