Product Documentation
Home
Start typing to search…

Authentication

The access token is obtained upon successful sign-up or login with a username and password. This token must then be included in the Authorization header as a Bearer token for subsequent API requests.

To get authenticated, a login in url would be provided and through that, credentials, like username and password can be entered, which would be used to get the access token.

When you send a request to authenticate and get the access token, you’ll need to include specific information in the body of your request. The body should contain the following key pieces of data:

  • grant_type: This specifies how you’re requesting the token. It's often set to "client_credentials" when you’re logging in with your username and password.
  • scope: This defines what kind of permissions you’re asking for. The scope could be something like portfolio:read or portfolio:write, depending on what actions you want to perform in the API.
  • audience: This refers to the intended target or resource you want to access. It helps the system understand which part of the API you're requesting access to.

Once you have successfully obtained your access token, you can use it to make authenticated requests to the API. The access token is included in the Authorization header of your request.

Scopes

When you interact with our API, you'll notice that some actions or data access require certain permissions. These permissions are called scopes. Think of them like special keys that unlock different parts of the system. If you don’t have the right key (scope), you won’t be able to access or modify that data.

Scopes are labels that represent a permission or action. For example, a scope might be something like portfolio:read, which means "you can view portfolios," or portfolio:write, which means "you can create or update portfolios.

Example Scopes

Here are some examples of scopes you might see in the API:

  • portfolio:read – This scope allows you to view portfolios.
  • portfolio:write – This scope allows you to create or update portfolios.
  • analyze:write – This scope lets you create or update analyses.

How do I use my access token?

To include the access token in your API request, use the following format in the Authorization header:

Authorization: Bearer YOUR_ACCESS_TOKEN
Replace YOUR_ACCESS_TOKEN with the actual token you obtained during the authentication process. This will authenticate your request and grant access to the protected API endpoints.

My bearer token is always unauthorized what do I do?

Make sure you are including the correct audience in your request.

How can I get access to more scopes?

To get access to more scopes reach out to [email protected] for support.

What are my client credentials?

The client credentials are username and password provided to you, please reach out to [email protected].

How do I verify/get my login URL?

To get a login URL, please reach out to [email protected].

How can I check what scopes I have access to?

Contact to [email protected] learn more about scopes and which scopes you can have access to.

Updated 9 months ago

A division of Picton Mahoney Asset Management.
2ND ENGINETM is a trademark of Picton Mahoney Asset Management.
©2025 Picton Mahoney Asset Management. All Rights Reserved.