Locoia API Authentication
Authentication with our API of Locoia itself
Locoia uses personal access token (with granular scopes) and OAuth2.

Personal Access Token

Creating a Personal Access Token

In order to create a personal access token the following endpoint needs to be used:
post
https://api.locoia.com
/v1/personal-access-tokens
Create personal access token
The token itself is only visible right after creating a personal access token, after that it is impossible to retrieve it from the API.
You can also create it directly in Locoia with this Community Library Flow.
One can regenerate a token with by sending the following POST request:
post
https://api.locoia.com
/v1/personal-access-tokens/{{ token_id }}/regenerate
Regenerate personal access token
You can list all token with
get
https://api.locoia.com
/v1/personal-access-tokens
Get personal access tokens

Scopes

The following scopes are available:
Scope Name
Entites
automation
  • Flows
  • Flow Runs
  • Flow Run Steps
  • Run Flows
  • Connector Auths (Read only)
  • Env Variables (Read only)
  • File Uploads (Read only)
company
  • Env Variables
  • File Uploads
  • Teams
  • Users
connector_auth
  • Connector Auths
connectors
  • Connectors
  • Connector Actions
dashboard
  • Dashboards
  • Data Sources
  • Forecasts
  • Insights
  • Transforms
embed
  • Embeds
All scopes have the following access levels:
Scope Extension
Operations
Example
None (leave empty)
CRUD - Create, Read, Update, Delete
connector_auth - the token can create, read, update, and delete all Connector Auths to which the user who created the token has access to
:manage
CRU - Create, Read, Update
connector_auth:manage - the user can do all of the above, except for deleting
:view
R - Read
connector_auth:view - the user can only read the Connector Auths

Using Personal Access Token

To authenticate with the token, simply specify it in the Authorization header like this: Authorization: Bearer {{ token }} or select Basic Auth when you setup a Connector Auth for Locoia within the Locoia app and then use the token there.

OAuth2

Contact one of our Solutions Consultants to get all details regarding API access, such as client_id and client_secret.
Alternatively, to avoid setting up a fully blown Oauth2-client, you can also receive a refresh-token to get a fresh access_token, whenever needed.
1. Create a user in Locoia specifically for API requests.
2. Based on the client_id and client_secret from Locoia, use PostMan's authentication feature to get the refresh_token. Select OAuth 2.0., as per the below screenshot, and input the following details:
  • Auth URL: https://dynamicinsight.auth.eu-central-1.amazoncognito.com/oauth2/authorize
  • Access Token URL: https://dynamicinsight.auth.eu-central-1.amazoncognito.com/oauth2/token
  • Client ID: my_client_id
  • Client Secret: my_client_secret
  • Scope: email openid
After filling in all of the above details, click `Get New Access Token` and you will be redirected to an Authentication Screen. Enter the user credentials of the previously created user. Now you should get the refresh_token, among other details, for this user.
3. Ongoing refreshing: To get a valid access_token based on a refresh_token, please proceed on the request as follows:
1
POST https://dynamicinsight.auth.eu-central-1.amazoncognito.com/oauth2/token
2
3
HEADERS:
4
Content-Type="application/x-www-form-urlencoded"
5
Authorization=Basic base64(my_client_id:my_client_secret)FORM URLENCDODED:
6
grant_type=refresh_token&
7
client_id=my_example_client_id&
8
refresh_token=REFRESH_TOKEN
Copied!
4. The access_token can now be used in the following format as a header:
Authorization: Bearer ey... where ey.. is the access_token