GuidesAPI Reference

Authentication

This guide explains how to authenticate your requests to the Truss API.

OAuth 2.0

Truss uses OAuth 2.0 for authentication. All API requests require an access token obtained through the OAuth 2.0 Authorization Code flow.

Overview

With OAuth 2.0, your users can securely authorize your application to access their Truss data without sharing their credentials. After authorization, you'll receive an access token that must be included in all API requests.

Using Your Access Token

Include the access token in the Authorization header when making API requests:

Authorization: Bearer {access_token}

⏱️ Token Expiry: Access tokens expire after 60 minutes. Use your refresh token to obtain a new access token before expiry.

Getting Started

For complete details on implementing OAuth 2.0 authentication with Truss, including:

  • Prerequisites and obtaining OAuth credentials
  • Step-by-step OAuth flow implementation
  • Token exchange and refresh procedures
  • Available scopes and permissions
  • Testing in staging environment

See the complete OAuth Integration Guide.