Use your Sigma client ID and secret with this endpoint to generate an access token valid for one hour, or to refresh your token. You can then use the access token to authenticate requests made to the Sigma API.
To make any API call with the Sigma API, including to try API calls in the API documentation, you must have a valid bearer token.
You can generate a token using this API endpoint, or you can use the Try It! option on this page. If you use the Try It! option, the token is automatically applied for any other API calls you make from the API reference documentation pages during your browser session.
The API token is valid for 1 hour. When the token expires, an endpoint response returns an unauthorized error.
Usage notes
- Send your client ID as the
usernamein the API request header. - Send your client secret as the
passwordin the API request header. - Set the
grant_typeparameter toclient_credentialsin the data sent with your request. - Set the URL that corresponds to the cloud where your Sigma environment is hosted. See Get started with the Sigma REST API.
Refresh an access token
The response includes a refresh token you can use to refresh your access token after it expires:
- Set the
grant_typetorefresh_token. - Send a
refresh_tokenparameter with the value of the refresh token provided when you got the access token.
For example:
curl --location --request POST '{endpoint-url}'
--header 'Content-Type: application/x-www-form-urlencoded'
--data-urlencode 'grant_type=refresh_token'
--data-urlencode 'refresh_token={refresh_token}'
--data-urlencode 'client_id={client_id}'
--data-urlencode 'client_secret={api_token}'