This document will explain how to get access to our CRM API and how to authenticate calls to our endpoints.

You should currently have the following pieces of data:

Client ID - 20 character string
Client Secret - 20 character string
API Key - 40 character string

With this information you are then able to call our Single Sign On service, which will return an 'access_token', this token can then be used alongside your 'API Key' to authenticate any of our endpoints directly.

If you've set things up properly Postman will generate cURL commands that look as follows:

curl --location --request POST 'https://id.enthuse.com/sso/oauth/token?grant_type=client_credentials' \
--header 'Authorization: Basic c29tZUNsaWVudElkOnNvbWVDbGllbnRTZWNyZXQ=' \

If your credentials are for Sandbox then:

curl --location --request POST 'https://id.enthuse-sandbox.com/sso/oauth/token?grant_type=client_credentials' \
--header 'Authorization: Basic c29tZUNsaWVudElkOnNvbWVDbGllbnRTZWNyZXQ=' \

The string c29tZUNsaWVudElkOnNvbWVDbGllbnRTZWNyZXQ= in the cURL command is the base64 encoded string derived from 'someClientId:someClientSecret where client_id is someClientId and client_secret is someClientSecret.

You should now have received a successful response from the above call, an 'access_token' expires after 12 hours. Remember to retrieve a new 'access_token' if your calls are now returning a '401 unauthorized' response.

{
    "access_token": "Fy894fS8oJ_Ogwg6Hi7BP_O2wuk",
    "token_type": "bearer",
    "expires_in": 9999,
    "scope": "openid"
}

You now have everything required to authenticate your calls with our endpoints.

As can be seen in the image the 'access_token' can be inserted in the 'Query Params' text box, and the 'API Key' can be inserted on the right hand side in the 'Header' section.

You should now receive a successful response from whichever endpoint you are calling

{
  "status": 200,
  "campaignList": [
    {
      "campaign_guid": "00000000-0000-0000-0000-000000000000",
      "name": "CampaignName",
      "date_created": "2021-02-16 16:34:25",
      "date_from": "2021-02-16 16:34:25",
      "date_to": "2021-02-16 16:34:25",
      "date_updated": "2021-02-18 15:20:25",
      "enabled": true,
      "type": "FUNDRAISING",
      "account_guid": "00000000-0000-0000-0000-000000000000"
    },
    {
      "campaign_guid": "00000000-0000-0000-0000-000000000000"",
     ......

❓I did not receive a 200 response when calling an endpoint, what has occurred?

401 Unauthorized - The 'access_token' you're using has expired or is incorrect, you can retrieve a new one with the same call previously used.

{
    "message": "Unauthorized"
}

403 Forbidden - The 'API Key' used in the header section of your call is incorrect.

{
    "message": "Forbidden"
}

404 No Records Found - You have no records that match the parameters used in the request

{
    "message": "No records found.",
    "status": 404
}

500 Internal Server Error - An error has occurred during the call, please inform us of the response and send your call to our Support Team

{
    "message": "Internal Server Error.",
    "status": 500
}