Authorization
The Crestline API uses Basic Authentication to authenticate users. In the future, we plan to transition to OAuth2 to provide enhanced security and flexibility. This guide explains the current authentication method and what to expect with the upcoming changes.
Current State: Basic Auth
To authenticate with the Crestline API, use Basic Authentication by providing your Client ID and Client Secret as the username and password, respectively.
How It Works:
- The credentials are combined as
ClientID:ClientSecretand then Base64 encoded. - The encoded string is passed in the
Authorizationheader as shown below:
Authorization: Basic BASE64_ENCODED_CREDENTIALS
Obtaining Client ID and Client Secret
To get your Client ID and Client Secret, please reach out to us directly at: support@crestlinelogistics.com
You will need to provide us with:
- Your company name
- Contact details
- Current using Crestline's services? (Y/N)
- Intended use case for the API
Once your request is received, we will review your request and reach out to you with next steps.
Future State: OAuth2
We are planning to migrate to OAuth2 in the future to enhance security.
What to expect:
- You will be able to reuse your existing Client ID and Client Secret to obtain an Access Token
- The authentication flow will use the client_credentials grant type
- You will have to make a request to the token endpoint to obtain an access token:
POST /oauth2/token HTTP/1.1
Host: api.crestline.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic BASE64_ENCODED_CREDENTIALS
grant_type=client_credentials
We will notify all users before the transition to OAuth2. Ensure you are subscribed to our updates or check this page regularly for the latest information.
Need Help?
If you have any questions or need assistance with authentication, feel free to reach out to our support team at: support@crestlinelogistics.com