Skip to main content
The Untether Labs API uses OAuth 2.0 client_credentials grant for machine to machine authentication. You may read more information on this flow here.

Obtaining Credentials

Please reach out to create a bot account for your company. Once approved and created, you will receieve two credentials:
  • Client ID: A public identifier for your application.
  • Client Secret: A secret known only to your application and the authorization server.

Access Token Exchange

The Client ID and Client Secret do not provide access to the API by themselves, you must exchange them for a short-lived access token. This is accomplished by sending them to the /oauth/token endpoint:
Token Request
curl -X POST --location "https://app.untetherlabs.com/api/oauth/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'grant_type=client_credentials&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}'
Token Response
{
    "access_token": "{ACCESS_TOKEN}",
    "token_type": "Bearer",
    "expires_at": "{ISO TIMESTAMP}"
}
Machine access tokens are short lived (1 hour by default). You may repeat the token exchange at any time to obtain a new access token.

Your First Request

With an access token, you are now free to make requests to the API any time before expires_at. For example, we can fetch our own user information:
First API Request
curl -X GET --location "https://app.untetherlabs.com/api/v1/users/{CLIENT_ID}" \
    -H "Authorization: Bearer {ACCESS_TOKEN}"
Get User Response
{
    "id": "{CLIENT_ID}",
    "type": "bot",
    "name": "My API Client",
    "email": "[email protected]",
    "status": "active"
}
For more information about this endpoint, see GET /v1/users/{userId}