Step 1: Authenticate

🕑
This step is required before making any subsequent calls on the 360Learning platform.

API v2 uses the OAuth 2.0 framework with the Client Credentials grant type for secure, server-to-server authentication and authorization.

To authenticate, generate an access token using the customer’s API credentials collected before starting the integration process.

Step 1: Create an access token

Exchange the API credentials for an access token using the

Create an access token endpoint. If successful, the authorization server responds with an access token

Example request

curl --request POST \
     --url https://app.360learning.com/api/v2/oauth2/token \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "grant_type": "client_credentials",
  "client_id": "your_client_ID",
  "client_secret": "your_client_secret"
}
'

Example response

{  
  "token_type": "Bearer",  
  "access_token": "your_access_token",  
  "expires_in": "3600"  
}

Step 2: Make an authenticated request

All requests to our API v2 must include:

A valid access token in the Authorization header.
The version in the 360-api-version header.

Example request

curl --request GET \
     --url https://app.360learning.com/api/v2/groups \
     --header 'accept: application/json' \
     --header '360-api-version: v2.0' \
     --header 'authorization: Bearer your_access_token'

Step 3: Handle token expiration

Access tokens expire after 1 hour, so you must request a new token periodically. Set up a process to automatically re-authenticate when the token expires.