Personal Access Token
Some developers will be issued, along with their key, a non-expiring OAuth 2 access token that may be used to access the Spark® API directly. All requests using the token must be made using HTTPS.
Never provide your
client_secret to a web browser or other end-user agent. Instead, maintain a separate session and persist this data in a location accessible only by your application (e.g. do not store the
access_token in a cookie).
Contact firstname.lastname@example.org for further guidance.
To request data from the api you will need to provide two headers. The
Authorization header and the
You will typically want an
Accept header of
application/json but, if you are accessing the metadata document of
the RESO metadata document you will need to use
Authorization header you will use
Authorization: Bearer <your_access_token> Accept: application/json