For the purpose of mobile devices and desktop applications, the API used in Startquestion is implemented in the OAuth2 standard.

Header Bearer

Using API requires to add a bearer token to each request in the Authorization header; example:

Authorization: Bearer <token>


The token has to be generated beforehand using the following request:

url: auth.startquestion.com/token 
method: POST

post parameters:
- grant_type: client_credentials
- client_id: string
- client_secret: string

The token is valid for 1 hour.

The number of generations of the new token is limited in a time of one hour.
We recommend saving the token on the part of the application creating the request (e.g. file or cache) and generating a new one after its expiry (in the case of occurrence of code 401).

Grant_type client credentials are supported.

Testing the connection.

You can test the API connection using standards tools, such as POSTMAN.

Did this answer your question?