How to make a request to your MATTR VII tenant
MATTR VII capabilities are available through a suite of APIs, which means that to interact with your MATTR VII tenant, your implementation needs to make API requests to different endpoints.
This guide provides an overview of the steps required to make an API request to your MATTR VII tenant:
- Choose an endpoint.
- Obtain an access token (for protected endpoints).
- Construct the request.
- Handle the response.
We recommend using the MATTR VII Postman collection to make requests to your MATTR VII tenant. While this isnβt an explicit prerequisite it can really speed things up.
Prerequisites
- Access to a MATTR VII tenant (Complete the sign up form for a free trial).
- Login credentials provided as part of your onboarding process.
If you have not received your login credentials or have any questions, please contact us before proceeding.
Choose an endpoint
Select a MATTR VII endpoint to make a request to:
- The API Reference offers an exhaustive list of all available endpoints and their request structures in different languages.
- The Guides section can be used to learn what endpoints are required for specific capabilities and workflows.
Obtain an access token
Request
Most of the MATTR VII endpoints are protected and require providing a bearer access token when making a request. If you are making a request to an unprotected endpoint, you do not need to obtain an access token and can continue to the next step.
Refer to the API Reference to determine which endpoints are protected and which are public.
Use your login credentials and make a request of the following structure to obtain an access token:
POST https://{auth_server}/oauth/token
auth_server
: Replace with theauth_url
value from your login credentials.
Request body
{
"client_id": "F5qaeLDdbvnU9zhA0j4eHUGCHwC1bKtt",
"client_secret": "Wzc8J**********************************************************",
"audience": "learn.vii.au01.mattr.global",
"grant_type": "client_credentials"
}
client_id
: Replace with theclient_id
value from your login credentials.client_secret
: Replace with theclient_secret
value from your login credentials.audience
: Replace with theaudience
value from your login credentials.grant_type
: Always useclient_credentials
as a static value, regardless of your specific login credentials.
Response
{
"access_token": "eyJhb********************************************************************",
"expires_in": 14400,
"token_type": "Bearer"
}
The returned access_token
value is a temporary token that must be used as a bearer token for all
subsequent requests to protected endpoints on your tenant.
You will need to obtain a new access token whenever it expires. Our Postman collection includes a pre-request script that obtains an access token when it is missing or has expired.
Construct the request
Use the selected endpoint path and the auth_url
value from your
login credentials to construct the request:
{method} https://{tenant_url}/{path}
For example, a request to
retrieve all IACAs from a
tenant whose tenant_url
is learn.vii.au01.mattr.global
should be constructed as follows:
GET https://learn.vii.au01.mattr.global/v2/credentials/mobile/iacas
If the operation has a request body you should structure it too, based on the details provided in the API Reference or Guides.
Whatever tool or language your are using to make the request, make sure you include the
access_token
in the request header when making requests to protected endpoints. Refer to the
API Reference for request samples.
Handle the response
The endpoint would respond with a standard HTTP status code and a response body. These differ between endpoints and are detailed in the API Reference.
You can now adjust your implementation to handle these responses to achieve the desired outcome.