Every call to the TNID endpoint must be authenticated and authorized. This is implemented using a Bearer Token.
To request a token, a call must be made to a token endpoint, using a number of credentials. When the credentials are validated, the endpoints responds with an access token with a limited lifetime (300 seconds or 5 minutes). After that a new access token must be requested.
To prevent supplying a username and password every time the token endpoint is called, the token endpoint can also supply a refresh token that can be supplied instead of the user/password credential. To indicate that the refresh token is used, the parameter grant_type must have the value refresh_token while in the case of user/password credentials the value password is used.
Article is closed for comments.