Before you can use the GBG GO API, you must authenticate your request. This involves exchanging your credentials for an access token, which must be included in every API call.

What you need

Before requesting an access token, make sure you have the following API credentials:
  • Client ID – Identifies your organization.
  • Client secret – A secure key linked to your Client ID.
  • Username – The API username provided for your account.
  • Password – A temporary password set during account creation (must be changed before use).
You receive these credentials from your GBG account manager.

Reset your password before first use

When your credentials are first issued, your password is temporary. You must reset it before authenticating. Contact your account manager to help with this process.

Request an access token

To get your access token, send a POST request to the endpoint. You can send a request like this:
BASH
curl --request POST \
  --url https://api.auth.gbgplc.com/as/token.oauth2 \
  --header 'accept: application/json' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data 'client_id=your-client-id&client_secret=your-client-secret&username=your-username&password=your-password&grant_type=password'
If your request is successful, the API will return a response in this format:
JSON
{
  "access_token": "your-access-token",
  "token_type": "Bearer",
  "expires_in": 3600
}
Store your access token securely and refresh it when it expires. Refer to the Generate access token API reference for details on the request and response definitions.

Next step

Go to Start a journey to learn how to trigger a customer journey using your access token.