Skip to main content

Getting Started

All direct calls to v3 Local Logic APIs use access tokens (JSON Web Tokens) to authorize requests.

Token Retrieval: POST oauth/token

POST oauth/token

Tokens can be retrieved from the https://api.locallogic.co/oauth/token endpoint with a client_id and a client_secret as parameters, which we will send to you privately. Make sure to keep these credentials in a safe place.

Body Parameters

The follow parameters should be sent in the request body in JSON format in order to retrieve a token:

ParameterStatusDescription
client_idrequiredClient ID provided to you via a 1Password secure link when you become a Local Logic client. Save this value and do not share!
client_secretrequiredClient Secret provided to you via a 1Password secure link when you become a Local Logic client. Save this value and do not share!
audienceoptionalThis parameter is used when fetching a JWT to be used with IOReports API.

Response Example

POST https://api.locallogic.co/oauth/token with the following body parameters

{
    "client_id": "{CLIENT_ID}",
    "client_secret": "{CLIENT_SECRET}"
}

will return a response similar to the following:

{
  "access_token": "{YOUR_ACCESS_TOKEN}",
  "token_type": "Bearer"
}
warning

The flow depicted here is for back-end code. You MUST NOT put client_id or client_secret in front-end clients as it would result in a secret exposure. (Anyone could look at the code and steal these credentials.)

If you need to reach the API with a front-end client, turn to the SDK. If you have a special use case, reach out to support.

Token Usage

This token must be used in the Authorization Header for all v3 API requests. Remember to include the word Bearer at the beginning of the authorization string.

Issued tokens expire within 24 hours of retrieval to improve security (if a token is somehow leaked, it won’t be usable forever), so we recommend retrieving the token just prior to all v3 API calls. For example, in NodeJS it could be implemented as follows:

var fetch = require("node-fetch");

// Call authorization API
fetch('https://api.locallogic.co/oauth/token', {
  method: 'POST',
  headers: {
        'Content-Type': 'application/json'
  },
  body: JSON.stringify({client_id: '<CLIENT_ID>', client_secret: '<CLIENT_SECRET>'})
})
.then(authResponse => authResponse.json())
.then(authBody => {
  var accessToken = authBody.access_token;
  // Call v3 API with access token
  return fetch('api.locallogic.co/v3/<resource>?' + new URLSearchParams({
    lat: 41.847206,
    lng: -87.668825
  }), {
    method: 'GET',
    headers: {
      Accept: 'application/json',
      Authorization: 'Bearer ' + accessToken
    }
  })
})
.then(response => response.json())
.then(body => {
  // Successful API call
  console.log(body)
})
.catch(error => {
  // Handle error
  console.log(error);
});