Before you can use the GBG GO API, you must authenticate your request. This involves exchanging your credentials for an access token, which must be included in every API call.

What you need

Before requesting an access token, make sure you have the following API credentials:

  • Client ID – Identifies your organization.
  • Client secret – A secure key linked to your Client ID.
  • Username – The API username provided for your account.
  • Password – A temporary password set during account creation (must be changed before use).

You receive these credentials from your GBG account manager.

Reset your password before first use

When your credentials are first issued, your password is temporary. You must reset it before authenticating.

  1. Visit the PingID login page.
  2. Enter your assigned username (which is your email address).
  3. Click Forgot your password?
  4. Follow the instructions in your email to set a new password.

If you do not reset your password, authentication will fail.

Request an access token

To get your access token, send a POST request to the endpoint.

You can send a request like this:

curl --request POST \
  --url https://eu.platform.go.gbgplc.com/captain/api/as/token.oauth2 \
  --header 'accept: application/json' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data 'client_id=your-client-id&client_secret=your-client-secret&username=your-username&password=your-password&grant_type=password'

If your request is successful, the API will return a response in this format:

{
  "access_token": "your-access-token",
  "token_type": "Bearer",
  "expires_in": 3600
}

Store your access token securely and refresh it when it expires.

Refer to the Generate access token API reference for details on the request and response definitions.

Next step

Go to Start a journey to learn how to trigger a customer journey using your access token.