1NCE

1NCE Authorization API

OAuth 2.0 client-credentials flow that issues bearer tokens for all 1NCE Management API endpoints. POST /oauth/token (Basic Auth) returns a short-lived access token used to call SIM Management, Order Management, Product Information, Support Management, and 1NCE OS services on api.1nce.com/management-api.

1NCE Authorization API is one of 6 APIs that 1NCE publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

This API exposes 1 machine-runnable capability that can be deployed as REST, MCP, or Agent Skill surfaces via Naftiko.

Tagged areas include Authorization, OAuth, and IoT. The published artifact set on APIs.io includes API documentation, an OpenAPI specification, and 1 Naftiko capability spec.

GitHub OpenAPI

Documentation

📖
Documentation
https://help.1nce.com/api/authorization/

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/1nce/refs/heads/main/openapi/1nce-authorization-openapi.yml
OpenAPI
https://raw.githubusercontent.com/api-evangelist/1nce/refs/heads/main/openapi/1nce-authorization-v2-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/1nce/refs/heads/main/capabilities/authorization-oauth.yaml

OpenAPI Specification

1nce-authorization-openapi.yml Raw ↑ 
openapi: 3.0.1
info:
  title: Authorization
  description: Documentation of the authentication used for the 1NCE APIs.
  contact:
    name: 1NCE GmbH
    url: https://1nce.com
    email: [email protected]
  version: v2.1.1
servers:
- url: https://api.1nce.com/management-api
tags:
- name: Bearer Authorization
  description: Obtain Bearer Token
paths:
  /oauth/token:
    post:
      tags:
      - Bearer Authorization
      summary: Obtain Access Token
      description: Obtain a token for accessing other 1NCE API resources by using a POST request with a valid username and
        password combination for a 1NCE user account that has the permission to use the API.
      operationId: postAccessTokenPOST
      requestBody:
        content:
          application/json:
            examples:
              Basic_Access_Authentication:
                summary: Basic Access Authentication
                value:
                  grant_type: client_credentials
            schema:
              required:
              - grant_type
              type: object
              properties:
                grant_type:
                  type: string
                  description: Grant Type of the requested access token. The default value is "client_credentials".
                  default: client_credentials
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              examples:
                Success:
                  value:
                    status_code: 200
                    access_token: eyJpzhr...
                    token_type: bearer
                    expires_in: 3600
                    user_id: user
                    score: all
              schema:
                $ref: '#/components/schemas/Bearer_Token_200'
        '400':
          description: Bad Request
          content:
            application/json:
              examples:
                AuthValidationError - Password:
                  value:
                    statusCode: 400
                    errorCode: AuthValidationError
                    message: 'Auth header validation error: Missing attributes ''password'''
                AuthValidationError - Username:
                  value:
                    statusCode: 400
                    errorCode: AuthValidationError
                    message: 'Auth header validation error: Missing attributes ''username'''
                BodyValidationError - Grant Type:
                  value:
                    statusCode: 400
                    errorCode: BodyValidationError
                    message: 'Request body validation error: Missing attributes ''grant_type'''
                BadCredentials - Not Existing User:
                  value:
                    statusCode: 400
                    errorCode: BadCredentials
                    message: User does not exist.
                UnsupportedContentTypeError:
                  value:
                    statusCode: 400
                    errorCode: UnsupportedContentTypeError
                    message: Content-Type not supported
              schema:
                $ref: '#/components/schemas/Bearer_Token_400'
        '404':
          description: Not Found
      deprecated: false
      security:
      - BasicAuthentication: []
components:
  schemas:
    Bearer_Token_200:
      title: Bearer Token 200 Response
      type: object
      properties:
        status_code:
          type: integer
          description: Response HTTP status code for the executed request towards the 1NCE API. Status 200 indicates a successful
            request and response.
          enum:
          - 200
          default: 200
        access_token:
          type: string
          description: The generated Access Token for using as authentication token for other 1NCE API requests.
          example: eyJpZHRva2V...
        token_type:
          type: string
          description: The type of token returned. The 1NCE API used Bearer tokens for general authentication.
          default: bearer
        expires_in:
          type: integer
          description: Time in seconds until the returned 1NCE API Bearer Token is expired and a new token has to be queryied.
          default: 3600
        userId:
          type: string
          description: User ID type of the returned token.
          default: user
        scope:
          type: string
          description: Scope access level of the returned token.
          default: all
      description: Response of querying the access token for the 1NCE API.
    Bearer_Token_400:
      title: Bearer Token 400 Response
      type: object
      properties:
        statusCode:
          type: integer
          description: HTTP status code 400 (Bad Request) indicating that there was an issue with the request towards the
            1NCE API. Please double check the executed API request.
          default: 400
        errorCode:
          type: string
          description: String error code indicating the reference error.
          enum:
          - BadCredentials
          - AuthValidationError
          - BodyValidationError
          - UnsupportedContentTypeError
          example: AuthValidationError
        message:
          type: string
          description: String explanation of the error that occurred.
          example: 'Auth header validation error: Missing attributes ''password'''
      description: Response of querying the access token for the 1NCE API.
  securitySchemes:
    BasicAuthentication:
      type: http
      scheme: basic
      description: Basic authentication used for obtaining the Bearer Authentication Token. The Bearer Token can then be used
        to make any further API calls towards the 1NCE API.