Authentication

To keep your eCommerce business safe and secure, Ingram Micro uses the OAuth 2.0 protocol. OAuth 2.0 authorizes our APIs with access tokens, instead of username/password credentials. For additional information, visit OAuth 2.0.

How do I get my tokens?

Ensure that you have created an account, and that you have your API Keys (Client ID and Client Secret) for the default sandbox app.

Use this form to request and obtain an access token:

curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 
"grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET" https://api.ingrammicro.com:443/oauth/oauth20/token
Component Description
grant_type: This must be client_credentials.
client_id: Your application's Client ID.
client_secret: Your application's Client Secret

The response returns this information:

"access_token": "eyJz933asdfjdhk41aUWw",
"token_type": "Bearer",
"expires_in": 2592000,

Use the access token

Once you obtain the access_token, use it to make calls to the API by passing it as a Bearer Token in the Authorization header of the HTTP request, as shown:

curl --request POST \ --url 'https://api.ingrammicro.com:443/some-api-endpoint' \
--header 'authorization: Bearer ACCESS_TOKEN

Build the API call

Your API call must contain the following components:

  1. Host:
  2. Authorization Header, with valid access token.
  3. A Request (POST, GET, PUT, DELETE).
    • When submitting data to a resource via POST or PUT, you must submit your payload in JSON.
    • curl --location --request POST 'https://api.ingrammicro.com:443/sandbox/resellers/v5/catalog/priceandavailability' \ 
      --header 'Content-Type: application/json' \ --header 'Authorization: Bearer ' \ --data-raw '