Data will only be provided to authenticated requests. We rely on the OAuth 2.0 Authorization framework to achieve this. All requests to any of our services need to be accompanied by an access token in order to pass authorization. If you do not possess a valid access token, your request will be declined with HTTP status code 401 (Unauthorized).
An access token can be obtained from the Euromonitor Authentication service’s token endpoint. This endpoint supports only the OAuth 2.0 password grant:
| URI | https://api.euromonitor.com/authentication/connect/token |
| Supported verbs | POST |
| Supported request content types | application/x-www-form-urlencoded |
| Required headers | Ocp-Apim-Subscription-Key |
| Request body parameters | |
| grant_type | Always use "password" |
| username | Your Passport username (confirm with your account manager that your user is API enabled) |
| password | Your Passport password |
Given the following parameter value set:
| Requested Parameters | Example Value |
| grant_type | password |
| username | john.doe@organization.com |
| password | Pa$$word123 |
The request to the token endpoint will look like this:
POST https://api.euromonitor.com/authentication/connect/token HTTP/1.1
Host: api.euromonitor.com
Content-Type: application/x-www-form-urlencoded
Ocp-Apim-Subscription-Key: 173bad6f0b319h23add9ad162493915e
grant_type=password&username=john.doe@organization.com&password=Pa$$word123A successful response body will have the following JSON structure:
{
"access_token": "<tokenstring>",
"expires_in": 0,
"token_type": "Bearer"
}The access_token member is the access token that will grant you access to all the other services in the Euromonitor International API. The expires_in member is the lifetime – in seconds – of the access token. When this timespan has passed, the token will expire and you will need to obtain a new token. The token_type member will always return “Bearer” and indicates that the token is of the bearer token type. This defines the use of the token in other service requests.
To use this token in subsequent calls to our other services, set it in the Authorization HTTP header, like this:
Authorization: Bearer <tokenstring>