Documentation

Grow

Unity Ads Android SDK

Unity Ads iOS SDK

LevelPlay SDK

Open Unity Dashboard

Grow

API Authentication

Authenticate your API requests with the Tapjoy Offerwall API to manage campaign data and performance.
Read time 1 minuteLast updated a day ago

Requesting access

Requests are authenticated using a standard two-legged OAuth2 flow: an 
access_token
is requested using an encoded API Key, and the resulting 
access_token
is used to authenticate against future requests. As an Advertiser, you can find this key in the Ad dashboard.
API key for advertiser shown in dashboard
 Access tokens have a 1-hour lifetime and cannot be refreshed. When a token expires you must request a new one with your Reporting API Key/Marketing API Key. To request an access token you must send a POST request with an Authorization header using your API Key. If the credentials are valid the response will include an access token and the number of seconds until the token expires.

Example request

The following example shows the required headers for a token request. 
POST /v1/oauth2/token Host: api.tapjoy.com Authorization: Basic <API Key> Accept: application/json
The following example shows the same request using curl. 
curl -H "Authorization: Basic <API Key>" -X POST https://api.tapjoy.com/v1/oauth2/token
The following example shows how to request an access token and make an authenticated GraphQL query using Ruby. 
require 'json'require 'net/https'access_token = "<OAuth Token>"query = <<~ENDquery {  user {    firstName  }}ENDjson = JSON.dump({query: query})http = Net::HTTP.new('api.tapjoy.com', 443)http.use_ssl = truerequest = Net::HTTP::Post.new('/graphql')request['Authorization'] = "Bearer #{access_token}"request.body = jsonresponse = http.request(request)result = JSON.parse(response.body)data = result['data']errors = result['errors']

Successful response

A successful request returns a 200 status with an access token and its expiry duration in seconds. 
status 200 { "access_token": "token_string", "token_type": "bearer", "expires_in": 3600, "refresh_token": null }

Unsuccessful response

If the API Key is invalid or missing, the request returns a 401 status. 
status 401{ "error": "Unauthorized" }

Using the access token

When you have an 
access_token
, requests can be made to the API. The 
access_token
should be sent with every request in the Authorization header with a type of "Bearer". If the 
access_token
has expired or does not exist the response will have a status of 401 Unauthorized.

Example request

The following example shows the required headers for an authenticated API request. 
POST /v4/audiences Host: api.tapjoy.com Authorization: Bearer <token_string> Accept: application/json

Missing or invalid token response

If the access token is missing or has expired, the request returns a 401 status. 
status 401 { "error": "Unauthorized" }