Obtain a Bearer token for use with the Casebook API
The Casebook API allows you to create, read, update, and delete data in Casebook. This developer guide introduces common examples to help you get started with the Casebook API.
To interact with the Casebook API, your organization must be licensed for External Data Interoperability (API), included in Casebook Enterprise.
For more help with the Casebook API, get in touch with the Casebook Support team.
Introduction
Casebook API is secured with OAuth 2.0 authentication. Every request to the Casebook API requires an Authorization header containing a valid OAuth 2.0 Bearer token.
This guide provides instructions and code samples for obtaining a Bearer token for use with the Casebook API.
Prerequisites
Be sure to register an incoming application in Casebook Admin before starting this guide.
Instructions
Get started by noting three key details from your incoming integration:
- Navigate to Casebook → Admin → Global → Integrations → Incoming integrations section
- Locate the incoming integration which you would like to use
- Click the expand button on the external application to display the Client ID and Callback URL
- Click the “View client secret” (key) icon to display the Client Secret
Then use the "Obtain a Bearer token" request to exchange these details for a Bearer token.
Obtain a Bearer token
POST <YOUR_CALLBACK_URL>/oauth2/token?client_id=<YOUR_CLIENT_ID>&client_secret=<YOUR_CLIENT_SECRET>&grant_type=client_credentials
- Headers:
  - Authorization: Bearer <YOUR_BEARER_TOKEN>
  - Content-Type: application/x-www-form-urlencoded
- Operation: POST
- Base URL: <YOUR_CALLBACK_URL>/oauth2
- Casebook service: N/A
- Endpoint: /token
- Query parameters:
  - client_id=<YOUR_CLIENT_ID>
  - client_secret=<YOUR_CLIENT_SECRET>
  - grant_type=client_credentials
Tips
Bearer tokens are valid for one hour, so be sure to refresh your token before each new interaction with the Casebook API.
Examples
Postman
cURL
curl -X POST "<YOUR_CALLBACK_URL>/oauth2/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "client_id=<YOUR_CLIENT_ID>" \
-d "client_secret=<YOUR_CLIENT_SECRET>" \
-d "grant_type=client_credentials"
JavaScript
const axios = require('axios');

const clientId = '<YOUR_CLIENT_ID>';
const clientSecret = '<YOUR_CLIENT_SECRET>';
const callbackUrl = '<YOUR_CALLBACK_URL>';

// Exchange the client credentials for a Bearer token.
async function getAccessToken() {
  // URLSearchParams is sent as an application/x-www-form-urlencoded body.
  const params = new URLSearchParams();
  params.append('client_id', clientId);
  params.append('client_secret', clientSecret);
  params.append('grant_type', 'client_credentials');

  const authenticationResponse = await axios({
    url: callbackUrl + '/oauth2/token',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    method: 'post',
    data: params,
  });

  const token = authenticationResponse.data.access_token; // ← Look here!
  return token;
}
Python
import requests

url = "<YOUR_CALLBACK_URL>/oauth2/token"

# Form fields sent in the request body
payload = {
    "client_id": "<YOUR_CLIENT_ID>",
    "client_secret": "<YOUR_CLIENT_SECRET>",
    "grant_type": "client_credentials",
    "redirect_uri": "<YOUR_CALLBACK_URL>"
}
headers = {
    "Content-Type": "application/x-www-form-urlencoded"
}

# A timeout keeps the call from hanging if the endpoint does not respond
response = requests.post(url, data=payload, headers=headers, timeout=10)

if response.status_code == 200:
    token = response.json()["access_token"]  # ← Look here!
    print("Access token:", token)
else:
    print("Error:", response.status_code, response.text)
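The tip above says tokens are valid for one hour. As an added example (not Casebook's own code), this caches the token and requests a new one shortly before it expires, sending the client secret in the form body as the cURL sample does and reading it from the environment instead of source code. The `CASEBOOK_*` variable names, the 60-second margin and the use of the standard OAuth 2.0 `expires_in` field are assumptions.

```python
import json
import os
import time
import urllib.parse
import urllib.request

TOKEN_LIFETIME = 3600   # seconds; the guide states tokens are valid for one hour
REFRESH_MARGIN = 60     # assumption: renew one minute before expiry


def request_token(callback_url, client_id, client_secret):
    """POST the client credentials in the form body, as the cURL sample does."""
    body = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "client_credentials",
    }).encode()
    req = urllib.request.Request(
        callback_url + "/oauth2/token", data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Hand out a cached Bearer token; fetch a new one shortly before expiry."""

    def __init__(self, fetch, clock=time.monotonic):
        self._fetch = fetch      # callable returning the parsed token response
        self._clock = clock      # injectable so expiry can be tested offline
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at - REFRESH_MARGIN:
            data = self._fetch()
            token = data.get("access_token")
            if not token:
                # Do not echo the response body; it may hold sensitive details.
                raise RuntimeError("token response has no access_token")
            # Assumption: use the standard OAuth 2.0 expires_in field when present.
            lifetime = int(data.get("expires_in", TOKEN_LIFETIME))
            self._token, self._expires_at = token, self._clock() + lifetime
        return self._token


def cache_from_env():
    # Assumption: hypothetical variable names; keeps the secret out of source code.
    env = os.environ
    return TokenCache(lambda: request_token(
        env["CASEBOOK_CALLBACK_URL"], env["CASEBOOK_CLIENT_ID"], env["CASEBOOK_CLIENT_SECRET"]))
```

Call `cache_from_env().get()` once at startup and reuse the same `TokenCache` for every request, placing the returned value in the `Authorization: Bearer` header.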