Skip to content

Authenticate Resource

Last updated: August 29, 2022

Note: To change your password, enter your email address into the ARD password form


Fetches or refreshes an access token used for ARD access.

See also Access Token Guide


http method path description
POST /auth/authenticate Use ARD credentials to request an access token or refresh a token.


key value description
Authorization Bearer {{token}} Authentication method for ARD API requests.
Content-Type application/json Applies to POST, PATCH, PUT requests, which require a JSON body.

Get an access token

POST /auth/authenticate
Fetches an access token using Maxar ARD credentials.

Role required: User or Admin

Request body

    "grant_type": "password",
    "username": "user's email address",
    "password": "password set by the user"
parameter value required description example
grant_type password yes Set the grant type to "password" for this request. "grant_type": "password"
username email address yes The email address associated with your Maxar ARD account. Your initial ARD activation email was sent to this address. "username": ""
password your ARD password yes The password you set after activating your ARD user account with a temporary password. "password": "password set by the user"


Status: 200 OK

     "access_token": "eyJraWQiOiJFdFdcLzZ2SnAwUEpPN25scGl...",
     "token_type": "Bearer",
     "expires_in": 43200,
     "refresh_token": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R..."
field description example
access_token This token string allows access to ARD API resources for a duration of 12 hours. "access_token": "eyJraWQiOiJFdFdcLzZ2SnAwUEpPN25scGl..."
token_type The token type will always be the OAuth type "Bearer." token_type": "Bearer"
expires_in A token duration value in seconds. A token is valid for 43200 seconds, or 12 hours. "expires_in": 43200
refresh_token Token string used to refresh a valid token without requiring ARD credentials to be sent. Refresh tokens expire after 30 days. "refresh_token": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R..."

Error response codes

If invalid JSON is sent (required fields missing or invalid types for fields), a 400 Bad Request with a human-readable error message is returned. If the username/password combination is unrecognized, then a 401 Unauthorized response is returned. If the system encountered any other error while processing the request, an 500 Internal Server Error will be returned.

Refresh your access token

POST auth/authenticate

Role required: User or Admin

Request Body

This request takes a JSON request body with the following fields (all fields are required):

    "grant_type": "refresh_token",
    "refresh_token": "{refresh token from GetToken response}"

Request body parameters

parameter value required description example
grant_type refresh_token yes The grant type for this request is "refresh_token." "grant_type": "refresh_token"
refresh_token refresh token yes The refresh token that was supplied in the "Get a token" response. "refresh_token": "{refresh token from GetToken response}"


Returns the same successful response or error codes as the "Get an access token" request.

More Documentation

Access Token Guide

ARD password reset form

Back to top