Using the Ship API requires the use of tokens (Client IDs and Client Secrets). This article will explain how to generate it.
Please note that only "owner" and "admin" users have access to the API Configuration page. It is recommended to create a specific admin user for API interaction. If you are unfamiliar with the user types and roles used in nShift Ship, we recommend reading this article: Understanding user types and roles.
Creating a Client ID and Client Secret
- Log into nShift Portal with your owner user.
- Click on Settings in the top right corner.
- Choose API Configuration > Clients in the left side menu.
- On the Clients page, click the Add button.
- In the dialog box, fill in Display name and Description. Choose a name and a description that will make it easier to identify the Client ID later on. Check the Enabled box to enable it right away. (You may enable or disable the token at any time after it has been created).
- Choose Shipment Server (public_api_shipmentserver) under Allowed Scopes. Allowed scopes are the APIs you need access to.
- Click Save. Your Client Id and Client Secret will now be generated and displayed on the screen. Important: Note your Client ID and Client Secret. The Client Secret will NOT be available after you close the popup.
- Once you close the popup, the Client ID will be listed on the Clients page. You can click on a Client ID at any time to edit or delete it or to enable/disable it. If you have a long list of IDs, you can use the filter option at the top to show only enabled or disabled tokens.
Getting an access token
Use your Client ID and Client Secret to generate an access token needed for requests to the Ship API V2. This is done by making a POST request to the following token endpoint:
https://account.nshiftportal.com/idp/connect/token
Specify the Client ID, Client Secret and grant type in the language and framework used by your company.
Sample:
POST https://account.nshiftportal.com/idp/connect/token
Cache-Control: no-cache
Host: www.nshiftportal.com
Content-Type: application/x-www-form-urlencoded
client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=client_credentials
If the request is valid and the client is configured correctly, you will get back a JSON response:
{
"access_token": "some-real-token-data-dskjfhsuijkdhfgjkasjdgfhqoeiefoiknsoidfgvoiltgjvpdrofjmwpkldujrftvoifgkhbnilsakjprotglijkqp2owrlfjkvmowrifgho2qw9ouejifpe9rodtuj3-0porfij9odtujgw0etioyh",
"expires_in": 3600,
"token_type": "Bearer"
"scope": "public_api_shipmentserver"
}
See the article: How to - Authenticate