Documentation

Support

API Authentication

Authenticate your API requests with the Tapjoy Offerwall API to manage campaign data and performance.
Read time 1 minuteLast updated 3 hours ago

Requesting Access

Requests are authenticated using a standard two-legged OAuth2 flow: an
access_token
is requested using an encoded API Key, and the resulting
access_token
is used to authenticate against future requests.
As an Advertiser, you can find this key in the Ad dashboard.
API key for advertiser shown in dashboard
Access tokens have a 1-hour lifetime and cannot be refreshed. When a token expires you must request a new one with your Reporting API Key/Marketing API Key. To request an access token you must send a POST request with an Authorization header using your API Key. If the credentials are valid the response will include an access token and the number of seconds until the token expires. Example Request
POST /v1/oauth2/token 
Host: api.tapjoy.com 
Authorization: Basic <API Key> 
Accept: application/json
curl -H "Authorization: Basic <API Key>" -X POST https://api.tapjoy.com/v1/oauth2/token
require 'json'
require 'net/https'

access_token = "<OAuth Token>"

query = <<~END
query {
  user {
    firstName
  }
}
END
json = JSON.dump({query: query})

http = Net::HTTP.new('api.tapjoy.com', 443)
http.use_ssl = true

request = Net::HTTP::Post.new('/graphql')
request['Authorization'] = "Bearer #{access_token}"
request.body = json
response = http.request(request)

result = JSON.parse(response.body)
data = result['data']
errors = result['errors']
Successful Response
status 200 
{ 
access_token:token_string, 
token_type:bearer, 
expires_in: 3600, 
refresh_token: null 
} 
Unsuccessful Response
status 401
{ 
error:Unauthorized} 

Using the Access Token

When you have an
access_token
, requests can be made to the API. The
access_token
should be sent with every request in the Authorization header with a type of “Bearer”. If the
access_token
has expired or does not exist the response will have a status of 401 Unauthorized.
Example Request
POST /v4/audiences 
Host: api.tapjoy.com 
Authorization: Bearer <token_string> 
Accept: application/json
Missing/Invalid Token Response
status 401 
{ 
“error”: “Unauthorized” 
}