Skip to main content

ASM Application Authentication

The ASM Application Authentication API call generates the Access Token, a prerequisite for all Retail Media API calls requiring authentication.

The Access Token obtained from this API call remains valid for 25 hours. It's advisable to store and reuse the token on the server side for 24 hours across all Retail Media API calls, regenerating a new Access Token every day.

Creating an Access Token before each API call increase latency. Although there's no strict limit for Auth calls, we enforce fair usage policies.

  • Method: POST

  • URL: https://<PA_RM_END_POINT>/rm/1.0/auth

  • Headers:

    • Content-Type: application/x-www-form-urlencoded

  • Body Parameters:

    • applicatoin_id [REQUIRED]: Provided to your company, by PA.

    • application_secret [REQUIRED]: Provided to your company, by PA.

    • grant_type [REQUIRED]: Should always be client_credentials.

  • Returned Payload:

    {
      "access_token": "xxxxxxxxxxxxxxxxxxxxxx",
      "expires_in": 90000,
      "token_type": "Bearer"
    }

    • access_token: The token used as a bearer token for authenticating all subsequent API calls.

    • expires_in: Duration in seconds during which the token remains valid.

    • token_type: Type of token.