Authentication

Most MessageNet API endpoints require authentication. You may either use an OAuth access token or use Basic Authentication.

OAuth Access Token

MessageNet currently supports the OAuth 2 draft specification. All OAuth2 requests MUST use the SSL endpoint available at https://api.messagenet.com.au

OAuth 2.0 is a simple and secure authentication mechanism. It allows applications to acquire an access token for MessageNet via a request to the MessageNet site. Once an application has an access token, it can access data for the account

Exchanging a Username and Password for an Access Token

Resource Owner Credentials Grant

MessageNet supports the Resource Owner Credential Grant flow of the OAuth2 specification to exchange a user's MessageNet username and password for an access token. A POST request is made to /v2/oauth/access_token with grant_type set to password. For example

POST /v2/oauth/access_token HTTP/1.1
Host: api.messagenet.com.au
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=MessageNetUsername&password=MessageNetPassword

And an example response

HTTP/1.1
Content-Type: application/json; charset=UTF-8
Content-Length: 399

{
"access_token":"g-NmUrYEUr3h8idHtIAY9cvu_o6fU9xy0R2wzj_Ko994p3bDRtMXh1V2HC65XWZHNx21GhxaJgu8md9r-4Y8YCLC0FBnQvN0FcdLsoa2tuov6ZJHuHj6bpY3k9pOdlEDTiZfPopllc8UCFyhGZgv0cWQTNLV6-r4JSNLXqQWlB80wyk3KOYja8N3eTvPgt1aG4jSNqm9NC4-Khyvi9ee5W_CBgllwZyt2_r3iF06YKTqC6V2",
"token_type":
"bearer",
"expires_in":3599,
"scope":"send",
".issued":"Fri, 26 Jun 2015 05:47:37 GMT",
".expires":"Fri, 26 Jun 2015 06:47:37 GMT"
}

The access token is then used to create an Authorization header for all OAuth2 protected API methods:

Authorization: Bearer your_access_token

Note the space character between Bearer and the access token.

Parameters for Resource Owner Credential Flow
  • grant_type - must be password.
  • username - the user's MessageNet username.
  • password - the user's MessageNet password.

Basic Auth

For some applications it is impractical to acquire an access token before making subsequent calls, such as when integrating a third party platform with MessageNet. For this MessageNet allows standard Basic Authentication.

Authorization Header

Messagenet supports Basic Auth via the Authorization HTTP request header.

  • Authorization Type must be set to 'Basic'
  • The username and the password are combined with a colon. ex: (aladdin:opensesame).
  • The resulting string is base64 encoded. ex: (YWxhZGRpbjpvcGVuc2VzYW1l).
  • Username and Password used are your Messagenet Username/Password.

An example request.

POST /v2/account/balance
Host: api.messagenet.com.au
Content-Type: application/x-www-form-urlencoded
Authorization: Basic YWxhZGRpbjpvcGVuc2VzYW1l