Authentication

The API accepts 2 different authentication methods:

OAuth2

Retrieve an Access Token with the OAuth 2.0 flows described below before accessing the API. Once you have an access token, send it in the Authorization HTTP header to authenticate with the API.

Flow type authorizationCode
Authorization URL https://id.pace.cloud/auth/realms/pace/protocol/openid-connect/auth
Token URL https://id.pace.cloud/auth/realms/pace/protocol/openid-connect/token
Refresh URL https://id.pace.cloud/auth/realms/pace/protocol/openid-connect/token
Scopes
  • user:otp:create: Create OTP
  • user:otp:verify: Verify OTP
  • user:users:read: Read user data
  • user:user:delete: Deletes the account of the current user
  • user:users:write: Update user data
  • user:terms:accept: Accept terms of service
  • user:users:delete: Deletes a user
  • user:sessions:update: Update the current user session
  • user:users.pin:check: Check if user PIN is set
  • user:preferences:read: Get the users app preferences
  • user:users.pin:update: Update PIN
  • user:preferences:write: Update the users app preferences
  • user:users.phone:check: Check if user phone is set
  • user:users.phone:update: Change the user phone number
  • user:device-totps:create: Create Device totp
  • user:oidc:token-exchange: OIDC Token Exchange
  • user:users.password:check: Check if user password is set
  • user:users.password:create: Add user password
  • user:callbacks:password-reset: Callback before password is reset
  • user:device-totps:create-after-login: Create Device totp within 5 minutes of user registration

Oidc (openIdConnect)

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It enables Applications to verify the identity of End-Users based on the authentication performed by an Authorization Server.

The OpenID Connect URL for this API is: https://id.pace.cloud/auth/realms/pace/.well-known/openid-configuration.