Skip to main content

Authenticate to the API

When calling the API, you have to provide an Authentication Token. No matter what token you use, all of them are Bearer tokens and have to be provided in the Authentication header in your request. Example: Authentication: Bearer <your_token_here>

Authentication types

To make sure that we return only the correct data, do you need to authenticate yourself (as MijnKlantportaal user or third party developer) to our API. The way of authentication is decided in what role you talk to the API:
  • MijnKlantportaal user: API Key
  • Third party developer: OAuth Access Token (OAT)

API Key

If you want to access the API for your own customer portal, the best way to authenticate yourself is with an API Key. You can create this API Key in the manage portal. To get access, follow these steps:
1

Log in into your manage portal

Open your manage portal and log in.
2

Create an API Key

Go to ‘Settings API Keys’ and press the Create API key-button in the top right corner. Specify to which scopes this key can get access to.
3

Copy and save the key

Once created, we show you the API Key just once, so save it directly on a secure place.
Treat your API Key like a password. Do not share it with anyone!

OAuth Access Token (OAT)

When you are developing software and want to integrate MijnKlantportaal APIs, you should use OAuth to get access. This is the only way to get access to someone else’s MijnKlantportaal account.
Never ask MijnKlantportaal users for API Keys as third party developer!
To be able to use our OAuth solution, you should register yourself as developer and register your application. To get this done, following these steps:
1

Register yourself as developer

Press the button in the right top corner on this page: “Developer portal”. and register yourself as developer by creating a Developer Account.
2

Create and register your application in the Developer portal

Once you have your developer account and logged in into the Developer portal, you can create (and so register) your application to receive your App ID and App Secret.
Treat your App Secret like a password. Do not share it with anyone!
3

Ask the MijnKlantportaal user for permission

Before you get access to someone’s customer portal, you have to ask permission. Compose an Authorize url with you App ID, the scopes you want access to and the other data we need to ask the user for permission. See the documentation page “xxx” for info.
4

Exchange the Authorization Token for your Access and Refresh Tokens

When the user gave you permission to access their portal, you should exchange the Authorization Token for an Access Token (which gives you access to the API) and Refresh Token (to generate a new Access Token once it expires). Use the “xxx” endpoint for this.
Keep in mind that the user can always revoke your access, and so invalidate your Access and Refresh Tokens.
I