# Access Tokens

### Step 1 - Generate an API key

Follow the [steps here](https://manual.firstresonance.io/api/api-keys) to create an API key.

The API key will include a **clientId** and **clientSecret.** 

### Step 2 - Get an access token

Make the API call shown below and update the following variables:

* CLIENT\_ID: the **clientId** from the previous step
* CLIENT\_SECRET: the **clientSecret** from the previous step
* AUTH\_SERVER: The URI for the auth server (see table below)

| App URI                                                                   | Auth Server                          | API Endpoint                                  |
| ------------------------------------------------------------------------- | ------------------------------------ | --------------------------------------------- |
| <p>staging.firstresonance.io</p><p>or</p><p>sandbox.firstresonance.io</p> | staging-auth.buildwithion.com        | <https://staging-api.buildwithion.com>        |
| app.firstresonance.io                                                     | auth.buildwithion.com                | <https://api.buildwithion.com>                |
| <p>staging.ion-gov.com</p><p>or</p><p>sandbox.ion-gov.com</p>             | auth-staging-gov.buildwithion.com    | <https://api-staging-gov.buildwithion.com>    |
| app.ion-gov.com                                                           | auth-production-gov.buildwithion.com | <https://api-production-gov.buildwithion.com> |
| staging.ion-aus.com                                                       | auth-staging-aus.buildwithion.com    | <https://api-staging-aus.buildwithion.com>    |
| app.ion-aus.com                                                           | auth-production-aus.buildwithion.com | <https://api-production-aus.buildwithion.com> |

```
$  curl -X POST \
        --data-urlencode "grant_type=client_credentials" \
        -d "client_id=CLIENT_ID" \
        -d "client_secret=CLIENT_SECRET" \
    https://<AUTH_SERVER>/realms/api-keys/protocol/openid-connect/token
```

[Here is a script ](https://github.com/FirstResonance/ion-examples/blob/master/utilities/api.py)to get your access token via python. We also have our public repository linked below for some sample scripts.

We have a [public repository published](https://github.com/FirstResonance/ion-examples) for some API queries via python scripts.

The below also shows a very basic python script to query runs from ION.

To use, replace the following:

* ACCESS\_TOKEN: the **access token** from the previous step
* API\_ENDPOINT: The API endpoint for each environment are listed in the table above.

```python
import requests
from urllib.parse import urljoin

access_token = <ACCESS_TOKEN>
api_endpoint = <API_ENDPOINT>


headers = {
    'Authorization': f'{access_token}',
    'Content-Type': 'application/json'
}

GET_RUNS = '''
{
    runs(first: 10) {
        edges {
            node { id title
                steps {
                    id
                    title
                }
            }
        }
    }
}
'''

query = {
    'query': GET_RUNS
}

res = requests.post(urljoin(api_endpoint, 'graphql'), headers=headers, json=query)
print(res.json())
```

If you are using a tool like Postman or Insomnia, be sure to add a `/graphql` to your end point. Example: [`https://staging-api.buildwithion.com/graphql`](https://staging-api.buildwithion.com/graphql)