How can we help?


0 results found

Authentication/Request Headers

Two methods are provided for authenticating the requests sent using the Axonize REST API ‒ Authorization token and Axonize client ID/client secret, as described below:

Using an Authorization Token

In response to the Login request, Axonize sends a token. This token contains unique user identification information that can be used by a specific user. The token is valid for the next 10 hours.

The following is an example of a request containing an authentication (Authorization) token:

GET /odata/applications/ HTTP/1.1


Authorization: bearer 1234GciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzb2lvdC5hdXRoMC5jb20iLCJhdW1234DaGxZSVJDNDltTkZOSTFteDE3Q2pCMFBFNWc0VnVrYSIsInN1YiI6ImFub255bW91cyIsImlhdCI6MTUxNDcxOTU2OSw1234

appId: 123454D0-4484-4366-81B1-87DDA4912345

Content-Type: application/json

Using API Keys

In addition to the username and password for logging into the Axonize Portal, Axonize support sends you a Client ID and Client Secret that can be placed in the header of each API request.

This Client ID and Client Secret in the request header serve as authentication and specify the Application(s) to which this user is allowed access.

The following is an example of the request containing an authentication Client ID (appId) and Client Secret:

GET /odata/devices/ HTTP/1.1


Content-Type: application/json

clientId : 4A95B4D0-1234-1234-81B1-87DDA49D1234

clientSecret: C86A1234-1234-4EDA-8FD3-17FAF7451234

The Content-Type is always application/json.

The Client ID is the appId.

Use the GetAppSecret function to get additional Client ID and Client Secret credentials for a newly created Application.

Which Application(s) Can a User Access?

The ‘Token or the Client ID/Client Secret’ provided by Axonize to be used for authentication in each request header specifies the Application(s) to which a user is allowed access. This User is granted full access rights to this Application.


The entities in the Axonize REST API are listed at, as shown below:


Each entity has at least the following five requests and may have many more:

  • Get For retrieving information about the entity from Axonize.
  • Post – For adding a new entity in Axonize.
  • Put – For replacing all the fields of an existing entity.
  • Patch – For modifying some of the fields of an existing entity.
  • Delete For deleting an entity from Axonize.