Authentication
VectorCare implements the OAuth2 protocol for authenticating applications.
POST
https://auth.vectorcare.com/v2.0/oauth2/token
Request
Section titled “Request”Send a POST request with form-data body:
| Field | Value | Description |
|---|---|---|
client_id | Your client ID | Generated in VectorCare Open API settings |
client_secret | Your client secret | Generated in VectorCare Open API settings |
grant_type | client_credentials | Always use this value |
Response
Section titled “Response”Success (200 OK)
Section titled “Success (200 OK)”{ "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...", "token_type": "bearer", "expires_in": 3600}| Field | Type | Description |
|---|---|---|
access_token | string | JWT token for API requests |
token_type | string | Always bearer |
expires_in | integer | Token lifetime in seconds (typically 3600) |
Error (401 Unauthorized)
Section titled “Error (401 Unauthorized)”{ "error_description": "Client authentication failed.", "error": "invalid_client"}Using the Token
Section titled “Using the Token”Include the token in the Authorization header for all API requests:
Authorization: Bearer {access_token}Token Refresh
Section titled “Token Refresh”Tokens expire after expires_in seconds (typically 1 hour). Proactively refresh before expiration to avoid 401 Unauthorized errors.
Generating Credentials
Section titled “Generating Credentials”- Log into VectorCare as an account admin
- Navigate to Settings → Open API
- Click Generate Credentials
- Store your
client_idandclient_secretsecurely
See VectorCare Open API Setup for detailed instructions.