Security API
The Security API (SSO) provides endpoints for authentication, token retrieval, and authenticated user information retrieval.
📥 Postman Collections for this section
Get Token - Client credentials authentication
Full SSO - OpenID Connect flow
Available Endpoints
Authentication
- Get Token - Gets access token using client_credentials
User Data
- UserInfo - Retrieves basic user information (email, full name, and ID)
- Profile - Gets the complete user profile
URLs
| Method | URL | Action | Description |
|---|---|---|---|
| POST | /api/token | Authenticate | Gets access token using client_credentials |
| GET | /api/userinfo | View | Retrieves basic user information |
| GET | /api/profile/{clientId}?identity={identity} | View | Gets the complete user profile |
Environments
Production:
{security-producao}=https://security.fanbase.com.br
Staging:
{security-homologacao}=https://security.fantest.com.br
Authentication
Security endpoints use different authentication methods:
- Get Token: Uses
grant_type: client_credentialswith client credentials - UserInfo and Profile: Require access token obtained through OAuth 2.0 flow
Credentials
To use Security endpoints, you need:
client_id: Client ID provided by Fanbaseclient_secret: Client secret provided by Fanbase
These credentials must be kept secret and never exposed in the frontend.