Free Trial

Website

Create a website

Website features

Promote your services with a website that's a doddle to edit

from £8 /month

All price options

Catalogue

Promote your products

Catalogue features

Generate enquiries, or let visitors locate a store to buy

from £25 /month

All price options

Ecommerce

Sell online

Ecommerce features

Start selling your products and manage your orders online

from £29 /month

All price options

Themes

Choose a design

Get started quickly with a pre-designed theme

Browse themes

Design

Custom design

Use any designer to build your site

Using a designer

Examples

Who uses Evance?

Just some sites from our growing community

Our clients

Manual

Using Evance

User manual

Themes

Building themes

Theme design

Blog

Tips, tricks & updates

Get the latest on everything Evance

Visit our blog

    Client Credentials

    Available to Private Apps only. Used when there is no third party involved for service calls or on behalf of the user/account who created the App.

    This is a much simpler process to that of the Authorization Code process and is intended for access to non user specific data.

    Request an access token

    We assume that your Private App is authorised to make requests to the API. However, as with the Authorization Code process you must obtain an Access Token to access data within the API.

    There are two available methods for supplying your client credentials:

    • Post parameters
      Your client credentials are supplied as post parameters in the body of your request.

    • Basic authorization
      Your client credentials are supplied as a username and password within the URL. 

    Your API client makes a POST request to the token endpoint (below) using a content-type of application/x-www-form-urlencoded.


    Token endpoint

    POST https://{account}.evance.me/admin/oauth/token.json

    Replace {account} with the unique identifier for the account.

    Post parameters

    Supply the following POST parameters in the body of the request:

    client_id
    Your App's unique API key.
    client_secret
    Your App's secret key - equivalent to a password.
    grant_type
    Must be set to client_credentials 

    
POST /admin/oauth/token.json HTTP/1.1
Host: {account}.evance.me
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=xxxxxxxxxx
&client_secret=xxxxxxxxxx


    Basic authorization

    Evance also supports supplying the client_id and client_secret via Basic Auth. 

    POST https://{client_id}:{client_secret}@{account}.evance.me/admin/oauth/token.json

    Supply the following POST parameters in the body of the request:

    grant_type
    Must be set to client_credentials 

    
POST /admin/oauth/token.json HTTP/1.1
Host: {account}.evance.me
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials


    Access token

    A successful request will receive a JSON response from the server similar to the following:

    {
    "access_token": "43e213757dd5a224ace6ffc22b8c436219c5830b",
    "expires_in": 3600,
    "token_type": "Bearer",
    "scope": null
}

    You now have an access_token with a lifespan of 1 hour, with which to make authenticated requests to the Evance API.

    Refresh tokens

    This grant_type does not deliver a refresh_token

    EV

    Website builder
    Themes
    Partners
    Resources
    Evance

    We're using cookies to improve your experience.