Check that your Authorization header is as described in section 2.1 of RFC 6750, The OAuth 2.0 Authorization Framework: Bearer Token Usage.
GET /resource HTTP/1.1
Host: server.example.com
Authorization: Bearer mF_9.B5f-4.1JqM
Check that your Authorization header is as described in section 2.1 of RFC 6750, The OAuth 2.0 Authorization Framework: Bearer Token Usage.
GET /resource HTTP/1.1
Host: server.example.com
Authorization: Bearer mF_9.B5f-4.1JqM
Authorization Code = 1 min
Access Token = 30 Minutes
Refresh Token = 90 days
Authorization Code - granted after authorizing client application with Digikey.com login credentials, used to receive an access token.
Access Token - used to make requests
Refresh Token - used when Access Token is expired. Submit refresh token to receive valid Access Token.
Authorization Code = 1 min
Access Token = 30 Minutes
Refresh Token = 90 days
Authorization Code - granted after authorizing client application with Digikey.com login credentials, used to receive an access token.
Access Token - used to make requests
Refresh Token - used when Access Token is expired. Submit refresh token to receive valid Access Token.
During the authorization process a password form is presented. In this form you will use the credentials for your My DigiKey account.
If you do not have a My DigiKey account it can be created here: https://www.digikey.com/MyDigiKey/Register
If you do not know your My Dig-Key account credentials or username, they can be reset or found here: https://www.digikey.com/MyDigiKey/login
During the authorization process a password form is presented. In this form you will use the credentials for your My DigiKey account.
If you do not have a My DigiKey account it can be created here: https://www.digikey.com/MyDigiKey/Register
If you do not know your My Dig-Key account credentials or username, they can be reset or found here: https://www.digikey.com/MyDigiKey/login
The Refresh Token expires in 90 Days, unless:
- It is exchanged for a new Access Token (and a new refresh token).
- The registered application's client id or client secret is reset, all tokens will become invalidated.
The Refresh Token expires in 90 Days, unless:
- It is exchanged for a new Access Token (and a new refresh token).
- The registered application's client id or client secret is reset, all tokens will become invalidated.
Please visit DigiKey's GitHub page for a C# / Java Client Library with OAuth2 here DigiKey GitHub Repository.
Please visit DigiKey's GitHub page for a C# / Java Client Library with OAuth2 here DigiKey GitHub Repository.
If you do not have the infrastructure setup to handle responses from DigiKey, you can use the initial value of https://localhost
If you do not have the infrastructure setup to handle responses from DigiKey, you can use the initial value of https://localhost
DigiKey has found that the implementation of OAuth 2.0 is the simplest way to mutually be assured of a user's identity, as well as the user's permitted access to our APIs. For the reason that sensitive information is exposed by our APIs, DigiKey will only allow clients authenticated via OAuth 2.0 access.
DigiKey has found that the implementation of OAuth 2.0 is the simplest way to mutually be assured of a user's identity, as well as the user's permitted access to our APIs. For the reason that sensitive information is exposed by our APIs, DigiKey will only allow clients authenticated via OAuth 2.0 access.
How do I get an access token so my application can call your API's?
When invoking an API from your application, you will need to pass along an access token. The access token can be obtained by making API calls to DigiKey's Authorization Server. Please see our OAuth 2.0 documentation for more details.
How do I get an access token so my application can call your API's?
When invoking an API from your application, you will need to pass along an access token. The access token can be obtained by making API calls to DigiKey's Authorization Server. Please see our OAuth 2.0 documentation for more details.
The Client ID is registered to your client application and is needed to access the APIs.
A Customer ID is registered to your My DigiKey account. A Customer ID can be passed into an API request when your account has more than one Customer ID registered.
You may have more than Customer ID if your My DigiKey account uses different currencies or has multiple users registered to it.
The Client ID is registered to your client application and is needed to access the APIs.
A Customer ID is registered to your My DigiKey account. A Customer ID can be passed into an API request when your account has more than one Customer ID registered.
You may have more than Customer ID if your My DigiKey account uses different currencies or has multiple users registered to it.
Error Message:
{'ValidationErrors': [], 'ErrorDetails': 'Ensure the Authorization header has a valid Bearer token', 'ErrorResponseVersion': '3.0.0.0', 'StatusCode': 401, 'RequestId': '98cc4acc-2335-4121-9aba-ddc65fe2be40', 'ErrorMessage': 'The Bearer token is invalid'}
Verify the value of the Authorization header is prefixed with "Bearer"
e.g.: "Authorization": "Bearer xGr69sdAjLmnAHwGF4R1HedfDHl3j"
The word "Bearer" must be sent or else you will get a Bearer token error.
"Authorization":"Bearer <bearertoken>"
Error Message:
{'ValidationErrors': [], 'ErrorDetails': 'Ensure the Authorization header has a valid Bearer token', 'ErrorResponseVersion': '3.0.0.0', 'StatusCode': 401, 'RequestId': '98cc4acc-2335-4121-9aba-ddc65fe2be40', 'ErrorMessage': 'The Bearer token is invalid'}
Verify the value of the Authorization header is prefixed with "Bearer"
e.g.: "Authorization": "Bearer xGr69sdAjLmnAHwGF4R1HedfDHl3j"
The word "Bearer" must be sent or else you will get a Bearer token error.
"Authorization":"Bearer <bearertoken>"