Got Live Data Documentation
Toggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto mode Back to homepage


This page describes how authentication and authorization is implemented in the Live Data API.


All API calls require authentication in the form of an access token, which can be obtained using a username/password or service account credentials via the OAuth2 token endpoint.

Service Accounts

Live Data uses the OAuth2 Client Credentials flow for authenticating service accounts. Create a Service Account using the UI by selecting the Teams menu on the left and the Service Accounts tab. When creating a service account, you will be provided the client secret – this is the only time you can obtain the secret.

To authenticate using these credentials, call the session endpoint with grantType=clientCredentials and the clientId and clientSecret params populated by the service account ID and secret. This will return an access token which can be used to authenticate further calls.


curl -X 'POST' \
  '' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
  "grantType": "clientCredentials",
  "clientId": "<your service account/client id>",
  "clientSecret": "<your client secret>"


{"accessToken": "eyJ0eXAiOiJKV1Qi.eyJ0eXAiOiJKV1Qi.4K20wYgWlrQ9y58-nBJU8", "expiresAt": "2021-11-19T23:36:09.092720"}

Obtaining an Access Token Using Username/Password

To obtain an access token using user credentials, call the [#](session endpoint) using the username and password.

curl -X POST \
  -d "username=<username>&password=<password>"

A successful response will be a 200 and include an access_token field in the body, along with the expiration time. Access tokens expire 1 hour after creation.


All API calls require a defined ‘role’, which is specified in the API documentation. The user or service account making the API call must have the specified role on the organization for the API call to succeed.