02 - API Authentication and Access

The following information provides details on how to gain access to 3E APIs.

Request API Credentials for Authentication

All endpoints require authentication. 3E APIs use OAuth 2.0 and client credentials flow. Contact Thomson Reuters Support to gain access to your 3E APIs. Thomson Reuters Support will provide the client credentials needed to access your APIs.

Create an Authentication Token

To create a new token, send a POST request to the Thomson Reuters authentication endpoint. Thomson Reuters will provide the client id, client secret, audience, and the authentication endpoint URL.

Sample curl request:

curl --request POST <auth_url> \

--header 'content-type: application/x-www-form-urlencoded' \

--data "client_id=<client_id>&client_secret=<client_secret>&grant_type=client_credentials&audience=<audience>"

The response will include an access token along with an expiration period which can be passed to subsequent API requests and can be used until the token expires.

If using Postman, the same can be achieved by sending those values in the body of the request as shown below:

Note: It is important not to pass client credentials through the Params section of Postman. This action will revoke client credentials due to security concerns with them being passed unencrypted over the public internet.

The following graphic illustrates a successful response:

Make an API Request

The access token retrieved in the previous step must be passed in the Authorization header of all requests.

Sample curl request:

curl --request GET <base_url>/3eapi/api/v1/matter?MattIndex=1 \

--header "Authorization: Bearer <access_token>"

Control Access to the APIs

All 3E APIs are run under the context of the Integration user and respect process-level security. In order to call an endpoint, the Integration user must have access to the related process.

For example, to call /api/v1/Matter endpoint, the Integration user must have access to the Matter Maintenance process. Access can be given to individual processes or through role assignment. The ID of the user that requires access is 3eappintegrationuser with the name Internal user for IntegrationService *** DO NOT Modify.