Authentication

API access

In order to access the Chariot API, you will need to authenticate requests using an OAuth2 access token obtained from an OAuth2 Client Credentials flow.

  • OAuth 2.0 Access Token: This is a JWT that should be provided as a Bearer token in the Authorization header for all API endpoints. This Access Token is temporary and once it expires you can request a new one. We recommend you save these tokens somewhere safe and re-use them until they expire so you can avoid having to re-fetch which can add latency to your requests.

To obtain the necessary client_id and client_secret please email support@givechariot.com.

Getting an OAuth2.0 Access Token for your API

You can execute a client credentials exchange to get an access token for Chariot. Here are a few examples in a variety of languages. Replace any CLIENT_ID and CLIENT_SECRET with the ones privately shared with you. Note that in this example we are retrieving an access token for the Chariot Sandbox environment. If you wanted to retrieve an access token for the Chariot Production environment, you would use the following URL https://login.givechariot.com/oauth/token with Production environment specific OAuth Client Credentials.

1curl --request POST \
2  --url https://chariot-sandbox.us.auth0.com/oauth/token \
3  --header 'content-type: application/json' \
4  --data '{"client_id":"CLIENT_ID","client_secret":"CLIENT_SECRET","audience":"https://api.givechariot.com","grant_type":"client_credentials"}'

Response:

JSON
1{
2  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlBfNkVWSWt0S2p5ZkhNNWdET3RMaSJ9.eyJpc3MiOiJodHRwczovL2NoYXJpb3QtZGV2LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJXSXpEaWVPaWY4a3Z0T2gxZUlxcGRTaDRUOWtYeFR0MUBjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuZ2l2ZWNoYXJpb3QuY29tIiwiaWF0IjoxNjc4MzI2MTUwLCJleHAiOjE2Nzg0MTI1NTAsImF6cCI6IldJekRpZU9pZjhrdnRPaDFlSXFwZFNoNFQ5a1h4VHQxIiwic2NvcGUiOiJyZWFkOnVzZXJzIHJlYWQ6dXNlciB1cGRhdGU6dXNlcnMgdXBkYXRlOnVzZXIgZGVsZXRlOnVzZXJzIGRlbGV0ZTp1c2VyIHJlYWQ6bm9ucHJvZml0cyByZWFkOm5vbnByb2ZpdCB1cGRhdGU6bm9ucHJvZml0cyB1cGRhdGU6bm9ucHJvZml0IGRlbGV0ZTpub25wcm9maXRzIGRlbGV0ZTpub25wcm9maXQgbGlzdDpncmFudHMgcmVhZDpncmFudHMgdXBkYXRlOmdyYW50cyBjcmVhdGU6Y29ubmVjdCByZWFkOmNvbm5lY3RzIHJlYWQ6Y29ubmVjdCB1cGRhdGU6Y29ubmVjdHMgdXBkYXRlOmNvbm5lY3QgZGVsZXRlOmNvbm5lY3RzIGRlbGV0ZTpjb25uZWN0IGV4Y2hhbmdlOnRva2VuIGNyZWF0ZTpncmFudHMgY3JlYXRlOnNhbmRib3ggcmVhZDpzYW5kYm94IGNyZWF0ZTpjb25uZWN0cyBsaXN0OmNvbm5lY3RzIGNyZWF0ZTpub25wcm9maXRzIiwiZ3R5IjoiY2xpZW50LWNyZWRlbnRpYWxzIiwicGVybWlzc2lvbnMiOlsicmVhZDp1c2VycyIsInJlYWQ6dXNlciIsInVwZGF0ZTp1c2VycyIsInVwZGF0ZTp1c2VyIiwiZGVsZXRlOnVzZXJzIiwiZGVsZXRlOnVzZXIiLCJyZWFkOm5vbnByb2ZpdHMiLCJyZWFkOm5vbnByb2ZpdCIsInVwZGF0ZTpub25wcm9maXRzIiwidXBkYXRlOm5vbnByb2ZpdCIsImRlbGV0ZTpub25wcm9maXRzIiwiZGVsZXRlOm5vbnByb2ZpdCIsImxpc3Q6Z3JhbnRzIiwicmVhZDpncmFudHMiLCJ1cGRhdGU6Z3JhbnRzIiwiY3JlYXRlOmNvbm5lY3QiLCJyZWFkOmNvbm5lY3RzIiwicmVhZDpjb25uZWN0IiwidXBkYXRlOmNvbm5lY3RzIiwidXBkYXRlOmNvbm5lY3QiLCJkZWxldGU6Y29ubmVjdHMiLCJkZWxldGU6Y29ubmVjdCIsImV4Y2hhbmdlOnRva2VuIiwiY3JlYXRlOmdyYW50cyIsImNyZWF0ZTpzYW5kYm94IiwicmVhZDpzYW5kYm94IiwiY3JlYXRlOmNvbm5lY3RzIiwibGlzdDpjb25uZWN0cyIsImNyZWF0ZTpub25wcm9maXRzIl19.nvRxt8u6Pynevl4H2zoskkZ4xxTwwAhauuE0Tko42vcZ8bSMAOHSQlV3Wvolqy9YIcYgQa9vWJ4BjaD62bBS7dmZJT9KmzV4dOaZV91hFfWY-rcgYQQIWE2RGUv6ptmjGjE2n15-eiPs7fWtPBD4rV7Y5hAkfkDkubtLtxvBhTP8SZZps0lQUoMQf0eKH1jLqdeXAy52Gi5ui25uc1iVB-rUdjLyK6GMO5hfeNMmuSs0rprXhTR9J0jreEL0I2-8lnyIbSSdHhj-tyaUbeVXhUt7ApatcMARAgqqp-anBUi00vux4ePl9O2xN8Lxo0vA5na7C53lken0PyRVCbXAyw",
3  "scope": "create:nonprofits read:nonprofits create:connects read:connects create:grants read:grants",
4  "expires_in": 86400,
5  "token_type": "Bearer"
6}