Managing Bearer Tokens

The LCP Delta API uses OAuth 2.0 Bearer Tokens as a way of authenticating access to our API and DPS. This means that before making any calls, you first need to request a Bearer Token (also known as a Private API Key). This then needs to be appended to the 'Authorization' header of any API call you subsequently make.

Users of the LCPDelta Python package do not need to worry about this.

In order to get your Bearer Token, you require your Username and Public API Key (if you do not know these, please reach out to [email protected]). Any provided Bearer Tokens will grant access to the Enact API and DPS for 8 hours, which means that you will need to periodically refresh your access.

If continuous access is required to the API, it is recommended to refresh your token every couple of hours.

Any attempts to use the Enact API without a valid Bearer Token will yield a "401 Unauthorized" response.

To retrieve your bearer token, please follow the full guide in the API Reference page. A sample of these requests can be found here:

public class SimpleUser
{
	public string Username { get; set; }
	public string ApiKey { get; set; }
}

public async Task<string> GetBearerToken()
{
	var httpClient = new HttpClient();
	httpClient.BaseAddress = new Uri(@"https://enactapifd.lcp.uk.com");
	var apiDummyUser = new SimpleUser { Username = "<USERNAME>", ApiKey = "<PUBLIC_KEY>" };
	var result = await httpClient.PostAsync("/auth/token", 
		new StringContent(
      JsonConvert.SerializeObject(apiDummyUser, typeof(SimpleUser), new JsonSerializerSettings()), 
      Encoding.UTF8, 
      "application/json"));
	string bearerToken = await result.Content.ReadAsStringAsync();
	return bearerToken;
}

curl -X POST \
https://enactapifd.lcp.uk.com/auth/token \
-H 'Content-Type: application/json' \
-d '{"Username" : "<USERNAME>" , "ApiKey" : "<PUBLIC_KEY>"}'

Once the bearer token is received, it can be passed to the API via the Authorization header in the request.