Authentication
Contact your Rokt Account Manager to have a Client App registered for you within the Rokt Platform. Your Rokt Account Manager will then supply you with a "Client ID" and "Client Secret". These are confidential pieces of information about your app and you need to keep them in a safe place.
Here is a sample Client Id and Client Secret:
ClientId: "40svbin0d194subpohl079rhck"
Secret: "1dimhvr1v6skae9uhvtgs3chs2astnjf0469df6ul9hurubtoovn"
You need to use these client credentials in the REST interactions with the Rokt public API.
Authentication
The Rokt Reporting API uses access tokens to authenticate requests. Access tokens allow Rokt to identify client apps, the type of data that each client app is accessing , and prevent malicious apps from accessing data that they do not have access to.
Authentication to the API is performed via OAuth 2.0. To run a successful API call, you will need to use a Client ID and Secret to obtain an access token that will need to be used in all API calls. The Client ID and secret will be provided to you.
API requests without authentication or with incorrect authentication will fail. The API will return either a 400 or 403 error code. From the Rokt Reporting API, you will only be able to retrieve data from the accounts that your user credentials have access to.
Get Access Token
To call any endpoint on the Rokt Reporting API, an access token is needed. Access tokens allow Rokt to identify client apps, the type of data that each client app is accessing , and prevent malicious apps from accessing data that they do not have access to.
Access tokens are generated based on the 'Client ID' and 'Client Secret' created in the previous step. The access token lasts one hour. During that hour the access token can be used to call all endpoints on the Rokt Reporting API. Before it expires, you will need to re-generate the access token based on the client credentials.
In order to get the access token, an endpoint is exposed in the Rokt Reporting API:
POST https://api.rokt.com/auth/oauth2/token
Request Parameters in Header
| Key | In | Description | Required? | Example |
|---|---|---|---|---|
| Authorization | header | "client_id" and "client_secret" must be passed in the authorization header through Basic HTTP authorization and will be provided by your account manager; the header content is "Basic base64encode(client_id:client_secret)" | Yes | Basic base64encocde(12345:abcde) |
| Content-Type | header | Media type of request must always be "application/X-www-form-urlencoded" | Yes | application/X-www-form-urlencoded |
Request Parameters in Body
| Key | In | Description | Required? | Example |
|---|---|---|---|---|
| grant_type | body | Must be client_credentials | Yes | client_credentials |
Examples Request with a Positive Response
Sample request:
POST https://api.rokt.com/auth/oauth2/token&
Content-Type='application/x-www-form-urlencoded'&
Authorization=Basic xxx
grant_type=authorization_code
Sample response:
{
"access_token": "eyJraWQiOiJNMDJyQmZzT3pNKzRVMjhHRjVuaDdIREphWlIwaytDMlwvNFl5dXYxZ2N0ST0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0MHN2YmluMGQxOTRzdWJwb2hsMDc5cmhjayIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoicmVwb3J0LWFwaVwvcmVhZC1yZXBvcnQtYXBpIiwiYXV0aF90aW1lIjoxNTg1MTEwMDQxLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtd2VzdC0yLmFtYXpvbmF3cy5jb21cL3VzLXdlc3QtMl9kb3dOWnV6VFgiLCJleHAiOjE1ODUxMTM2NDEsImlhdCI6MTU4NTExMDA0MSwidmVyc2lvbiI6MiwianRpIjoiZDFlNjgyMDYtNWVlNy00NThjLTkwODYtZjAwYjhiMjEzYjJhIiwiY2xpZW50X2lkIjoiNDBzdmJpbjBkMTk0c3VicG9obDA3OXJoY2sifQ.NOJIx7qLHFVXqKNZfJKsJlwitOvbHOLdknQ\_D33WjYe8O9ZE08t7LFgs7ANiwBicN5ejmdS7iND0cth5ViUWK5MKZxvLKI6dPG5RljegfpZJtGKqDT\_MFfpayvcOlkkZc5yRw9Bcgz\_fW2ha7q6BGRsUb-e9DZ0Pcb5zL\_HbRLbnvlhYCYi9rPmYOYG6BronvLwB8sg2kVubLQGn\_ASbK\_FW8bKPhqH4BL2\_JunGBzUKJPL9yNvOnFy7VKwlvH1OKUqKlCYbewOtUd1utcMNIb\_AbSGRtzJKslbE5VwQtL5bZ34kOCNH07gSolSGvqqw4dyxU4l0QSVXVmqgVYdKfA",
"expires_in": 3600,
"token_type": "Bearer"
}
Call an API Endpoint
Using the access token from the previous step,you can now call endpoints on the Rokt Public API. Note that the token must be sent as a ‘Bearer’ token in the Authorization header.
Sample API request:
GET https://api.rokt.com/reporting/performance-reports/partner/1/stats?dateStart=2020-02-05&dateEnd=2020-02-12&
Authorization=Bearer eyJraWQiOiJNMDJyQmZzT3pNKzRVMjhHRjVuaDdIREphWlIwaytDMlwvNFl5dXYxZ2N0ST0iLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0MHN2YmluMGQxOTRzdWJwb2hsMDc5cmhjayIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoicmVwb3J0LWFwaVwvcmVhZC1yZXBvcnQtYXBpIiwiYXV0aF90aW1lIjoxNTg1MTEwMDQxLCJpc3MiOiJodHRwczpcL1wvY29nbml0by1pZHAudXMtd2VzdC0yLmFtYXpvbmF3cy5jb21cL3VzLXdlc3QtMl9kb3dOWnV6VFgiLCJleHAiOjE1ODUxMTM2NDEsImlhdCI6MTU4NTExMDA0MSwidmVyc2lvbiI6MiwianRpIjoiZDFlNjgyMDYtNWVlNy00NThjLTkwODYtZjAwYjhiMjEzYjJhIiwiY2xpZW50X2lkIjoiNDBzdmJpbjBkMTk0c3VicG9obDA3OXJoY2sifQ.NOJIx7qLHFVXqKNZfJKsJlwitOvbHOLdknQ\_D33WjYe8O9ZE08t7LFgs7ANiwBicN5ejmdS7iND0cth5ViUWK5MKZxvLKI6dPG5RljegfpZJtGKqDT\_MFfpayvcOlkkZc5yRw9Bcgz\_fW2ha7q6BGRsUb-e9DZ0Pcb5zL\_HbRLbnvlhYCYi9rPmYOYG6BronvLwB8sg2kVubLQGn\_ASbK\_FW8bKPhqH4BL2\_JunGBzUKJPL9yNvOnFy7VKwlvH1OKUqKlCYbewOtUd1utcMNIb\_AbSGRtzJKslbE5VwQtL5bZ34kOCNH07gSolSGvqqw4dyxU4l0QSVXVmqgVYdKfA