Skip to main content
All requests to the chargecloud APIs must be authenticated. To get access, you first request an access token from the OAuth token endpoint using your credentials. Your system then sends this token with every API call and requests a new one before it expires. Requests that are missing credentials, use an invalid or expired token, or lack the required permissions are rejected with the appropriate HTTP error.

Before you start

Two credential options are supported for the OAuth token endpoint. Both are set up outside the API, in the chargecloud OS. For step-by-step setup instructions, see the chargecloud Help Center.

A — Sign in as a person: chargecloud OS user credentials

Use this when a real team member is behind the integration. An administrator creates a user in the chargecloud OS and assigns the correct role. The role then determines the scopes available to that user.Best for: integrations your team builds and maintains itself, where you want to see in the chargecloud OS who did what.Technical: email = username, password = password.

B — Sign in as a system: API key

Use this when there is no person involved — for example a nightly job that syncs data on its own. An administrator creates an API key in the chargecloud OS and assigns it a role.Best for: automated jobs and machine-to-machine integrations that run without anyone clicking a button.Technical: public key = username, private key = password.
The full token endpoint reference is available in the Core API documentation.

The context parameter

The chargecloud OS serves multiple entity types within a single tenant. The optional context parameter on the token request tells the IDP which entity type to look up credentials against.

Supported values

When context is provided, it takes precedence over the OAuth client’s static entityType configuration. Make sure the value matches the entity type your credentials belong to, or the authentication lookup will fail with a 401.

Get a token

1 · Request token
2 · Response
3 · Call the API