Authentication
The neuroflash API uses OAuth2 client credentials for authentication, powered by Zitadel. You exchange a client ID and secret for an access token, then include that token in all API requests.
Getting Your Credentials
- Log in to the neuroflash app
- Create a new service account
- Copy the `client_id` and `client_secret`
Store your credentials securely. Never commit them to version control or expose them in client-side code.
Obtaining an Access Token
Exchange your credentials for an access token by sending a POST request to the Zitadel token endpoint:
POST https://id.neuroflash.com/oauth/v2/token
- cURL
- Python
- Node.js
- Go
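# Request an access token with the OAuth2 client-credentials grant.
# --data-urlencode percent-encodes each value, so a client secret containing
# characters such as "+", "&" or "=" reaches the token endpoint intact
# (plain -d would send them unencoded and corrupt the form body).
# A secret typed inline is kept in shell history; in scripts, supply it from a
# protected variable or file instead of the literal placeholder.
curl -X POST https://id.neuroflash.com/oauth/v2/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  --data-urlencode "grant_type=client_credentials" \
  --data-urlencode "client_id=YOUR_CLIENT_ID" \
  --data-urlencode "client_secret=YOUR_CLIENT_SECRET" \
  --data-urlencode "scope=openid"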
import requests
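# Exchange the service-account credentials for an access token.
# The two placeholders mark where the credentials go; load the real values
# from the environment or a secret manager rather than hard-coding them.
response = requests.post(
    "https://id.neuroflash.com/oauth/v2/token",
    data={
        "grant_type": "client_credentials",
        "client_id": "YOUR_CLIENT_ID",
        "client_secret": "YOUR_CLIENT_SECRET",
        "scope": "openid",
    },
    # requests applies no timeout by default; without one a stalled
    # connection blocks the caller indefinitely.
    timeout=10,
)
# Fail on a rejected request here instead of hitting a KeyError below when
# the error body carries no "access_token" field.
response.raise_for_status()
token = response.json()["access_token"]
# Printed for demonstration only: the token is a bearer credential, so keep
# it out of application logs.
print(f"Access token: {token}")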
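// Exchange the service-account credentials for an access token.
// The two placeholders mark where the credentials go; load the real values
// from the environment or a secret manager, and run this server-side only.
const response = await fetch("https://id.neuroflash.com/oauth/v2/token", {
  method: "POST",
  headers: { "Content-Type": "application/x-www-form-urlencoded" },
  body: new URLSearchParams({
    grant_type: "client_credentials",
    client_id: "YOUR_CLIENT_ID",
    client_secret: "YOUR_CLIENT_SECRET",
    scope: "openid",
  }),
});
// fetch() resolves for HTTP error statuses too, so check before reading the
// body; a rejected request has no access_token to destructure.
if (!response.ok) {
  throw new Error(
    `Token request failed: ${response.status} ${response.statusText}`
  );
}
const { access_token } = await response.json();
// Printed for demonstration only: the token is a bearer credential, so keep
// it out of application logs.
console.log(`Access token: ${access_token}`);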
package main
import (
"encoding/json"
"fmt"
"net/http"
"net/url"
"strings"
)
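// main exchanges the service-account credentials for an access token using
// the OAuth2 client-credentials grant and prints the token.
func main() {
	// The two placeholders mark where the credentials go; load the real values
	// from the environment or a secret manager rather than compiling them in.
	form := url.Values{
		"grant_type":    {"client_credentials"},
		"client_id":     {"YOUR_CLIENT_ID"},
		"client_secret": {"YOUR_CLIENT_SECRET"},
		"scope":         {"openid"},
	}

	// http.Post goes through http.DefaultClient, which sets no timeout;
	// long-running services should use an http.Client with Timeout configured.
	resp, err := http.Post(
		"https://id.neuroflash.com/oauth/v2/token",
		"application/x-www-form-urlencoded",
		strings.NewReader(form.Encode()),
	)
	if err != nil {
		// resp is nil when err is set, so it must not be dereferenced or closed.
		fmt.Printf("token request failed: %v\n", err)
		return
	}
	defer resp.Body.Close()

	// A rejected request returns an error body without an access_token, so
	// stop here rather than decoding an empty token.
	if resp.StatusCode != http.StatusOK {
		fmt.Printf("token endpoint returned %s\n", resp.Status)
		return
	}

	var result struct {
		AccessToken string `json:"access_token"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
		fmt.Printf("decoding token response: %v\n", err)
		return
	}
	if result.AccessToken == "" {
		fmt.Println("token response contained no access_token")
		return
	}

	// Printed for demonstration only: the token is a bearer credential, so
	// keep it out of application logs.
	fmt.Printf("Access token: %s\n", result.AccessToken)
}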
Token Response
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 14399
}
| Field | Description |
|---|---|
| access_token | The Bearer token to include in API requests |
| token_type | Always Bearer |
| expires_in | Token lifetime in seconds (approximately 4 hours) |
Using the Token
Include the access token in the Authorization header of every API request:
- cURL
- Python
- Node.js
- Go
# Call the API, presenting the access token as a Bearer credential.
curl --header "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  https://app.neuroflash.com/api/digital-twin-service/v1/static-groups
import requests
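# Present the access token as a Bearer credential on the request.
headers = {"Authorization": f"Bearer {token}"}
response = requests.get(
    "https://app.neuroflash.com/api/digital-twin-service/v1/static-groups",
    headers=headers,
    # requests applies no timeout by default; without one a stalled
    # connection blocks the caller indefinitely.
    timeout=10,
)
# Surface HTTP errors instead of printing an error body as if it were data;
# a 401 here means the token has expired and a new one must be requested.
response.raise_for_status()
print(response.json())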
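// Present the access token as a Bearer credential on the request.
const response = await fetch(
  "https://app.neuroflash.com/api/digital-twin-service/v1/static-groups",
  {
    headers: { Authorization: `Bearer ${access_token}` },
  }
);
// fetch() resolves for HTTP error statuses too; a 401 here means the token
// has expired and a new one must be requested.
if (!response.ok) {
  throw new Error(
    `API request failed: ${response.status} ${response.statusText}`
  );
}
const data = await response.json();
console.log(data);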
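// Build the request and present the access token as a Bearer credential.
// The early returns below assume this fragment runs inside a function with no
// results, such as main.
req, err := http.NewRequest(http.MethodGet,
	"https://app.neuroflash.com/api/digital-twin-service/v1/static-groups", nil)
if err != nil {
	fmt.Printf("building request: %v\n", err)
	return
}
req.Header.Set("Authorization", "Bearer "+token)

// http.DefaultClient sets no timeout; long-running services should use an
// http.Client with Timeout configured.
resp, err := http.DefaultClient.Do(req)
if err != nil {
	// resp is nil when err is set, so it must not be dereferenced or closed.
	fmt.Printf("API request failed: %v\n", err)
	return
}
defer resp.Body.Close()

// A 401 here means the token has expired and a new one must be requested.
if resp.StatusCode != http.StatusOK {
	fmt.Printf("API returned %s\n", resp.Status)
	return
}

var data any
if err := json.NewDecoder(resp.Body).Decode(&data); err != nil {
	fmt.Printf("decoding API response: %v\n", err)
	return
}
fmt.Println(data)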
Token Expiration
Access tokens expire after approximately 4 hours (expires_in: 14399 seconds). When your token expires, the API returns a 401 Unauthorized response. Request a new token using the same client credentials flow.
Cache your access token and reuse it until it expires. There is no need to request a new token for every API call.
Scopes
The required scope for the neuroflash API is:
openid
This scope grants access to all neuroflash API services that your service account has been provisioned for.