Authentication
Carriyo API supports OAuth2.0 authentication. To access any Carriyo API you must first get an Oauth Access Token.
Get Access Token
This authentication endpoint takes the client_id and client_secret and returns an access token.
The access token returned by this endpoint should be used as a bearer token in the 'Authorization' header for any subsequent Carriyo API endpoints.
The access token should be cached on the client side until its expiry.
Request Body schema: application/jsonrequired
OAuth Request (to get access token)
| client_id required | string The client ID generated in the Carriyo Dashboard |
| client_secret required | string The client secret generated in the Carriyo Dashboard |
{- "client_id": "<YOUR-CLIENT-ID>",
- "client_secret": "<YOUR-CLIENT-SECRET>"
}Success Response
Response Schema: application/json
| access_token required | string The OAuth access token to be used for API calls |
| scope required | string The permissions granted to the oauth token |
| expires_in required | number Expiry time in milli seconds |
| token_type required | string Token type - Bearer |
{- "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL",
- "scope": "tenant:TEST merchant:ACCOUNT read:shipments create:shipments update:shipments",
- "expires_in": 86400,
- "token_type": "Bearer"
}Error Response
Response Schema: application/json
| error required | string The type of error |
| error_description required | string The error description |
{- "error": "access_denied",
- "error_description": "Unauthorized"
}