Authenticate with the Teradix API
Get an OAuth token and make your first authenticated request.
The Teradix API lets you sync events, offers and purchase orders with your ERP. All requests are authenticated with an OAuth 2.0 bearer token issued to your organization's API client.
Get your API client
API access is available on Business and Enterprise plans. An admin can create a client (ID + secret) under Settings → Developers.
1. Request an access token
Exchange your client credentials for a short-lived access token. Tokens are valid for one hour — request a new one when it expires.
curl -X POST https://api.teradix.com/oauth/token \
-H "Content-Type: application/json" \
-d '{
"grant_type": "client_credentials",
"client_id": "tx_live_8f2c…",
"client_secret": "sk_live_d41d…"
}'A successful response returns a bearer token:
{
"access_token": "eyJhbGciOiJSUzI1NiIs…",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "events:read offers:read po:write"
}2. Call the API
Pass the token in the Authorization header on every request. For example, to list your open sourcing events:
const res = await fetch("https://api.teradix.com/v1/events?status=live", {
headers: {
Authorization: `Bearer ${accessToken}`,
Accept: "application/json"
}
});
const { data } = await res.json();
console.log(`${data.length} live events`);Token scopes
| Scope | Grants |
|---|---|
| events:read | Read sourcing events and their items |
| offers:read | Read submitted offers and comparison data |
| po:write | Create and update Purchase Orders |
| webhooks:manage | Register and manage webhook endpoints |
Never expose your client secret
Keep the secret server-side. If a secret leaks, rotate it immediately from Settings → Developers — the old secret is revoked the moment you rotate.
OpenAPI specification (YAML)
YAML · 64 KB