Skip to content
AlignSure Docs

API Authentication

Authentication Method

Section titled “Authentication Method”

The AlignSure API will use OAuth 2.0 client credentials flow for service-to-service authentication.

Planned Flow

Section titled “Planned Flow”
  1. Register an API client in AlignSure admin settings
  2. Receive a client ID and client secret
  3. Exchange credentials for an access token
  4. Include the access token in API request headers

Token Specifications (Planned)

Section titled “Token Specifications (Planned)”
  • Token type: Bearer
  • Token lifetime: 1 hour
  • Refresh: Request a new token before expiration
  • Scopes: Read-only and read-write scopes per module

Security Requirements

Section titled “Security Requirements”
  • All API requests must use HTTPS
  • Client secrets must be stored securely (never in client-side code)
  • IP allowlisting will be available for additional security
  • All API actions are logged in the audit trail

Notification

Section titled “Notification”

To be notified when API access becomes available, contact your Customer Success Manager or email api@alignsure.com.