Authentication
Section titled “Authentication”Overview
Section titled “Overview”The Kleinanzeigen Authentication API provides endpoints for authentication and token management. This API allows clients to obtain access tokens using the client credentials flow.
Base URL
Section titled “Base URL”https://developer.kleinanzeigen.de/v2Endpoints
Section titled “Endpoints”Get Access Token
Section titled “Get Access Token”POST /oidc/token
This endpoint is used to get an access token using the client credentials flow.
Request
Section titled “Request”Content-Type: application/x-www-form-urlencoded
| Parameter | Type | Description |
|---|---|---|
grant_type | string | Must be set to client_credentials |
client_id | string | Your client ID |
client_secret | string | Your client secret |
audience | string | Must be set to consumer-goods-api |
Example Request
Section titled “Example Request”curl --location --request POST 'https://developer.kleinanzeigen.de/v2/oidc/token' \--header 'Content-Type: application/x-www-form-urlencoded' \--data-urlencode 'client_id={your_client_id}' \--data-urlencode 'client_secret={your_client_secret}' \--data-urlencode 'grant_type=client_credentials' \--data-urlencode 'audience=consumer-goods-api'Responses
Section titled “Responses”200 OK: Success
Section titled “200 OK: Success”Returns an access token response with the following properties:
{ "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "token_type": "bearer", "expires_in": 3600}| Property | Type | Description |
|---|---|---|
access_token | string | The JWT access token to be used for API requests |
token_type | string | The type of token, always “bearer” |
expires_in | integer | The number of seconds until the token expires |
400 Bad Request: Invalid Request
Section titled “400 Bad Request: Invalid Request”{ "error": "invalid_request", "error_description": "Description of the error"}Security Considerations
Section titled “Security Considerations”- Keep your
client_secretsecure and never expose it in client-side code. - Access tokens have a limited lifetime as specified in the
expires_infield. - When a token expires, request a new one using the same process.
Error Codes
Section titled “Error Codes”| Error | Description |
|---|---|
invalid_request | The request is missing a required parameter or is otherwise malformed. |
invalid_client | Client authentication failed. |
invalid_grant | The provided authorization grant is invalid. |
unauthorized_client | The client is not authorized to use this grant type. |
unsupported_grant_type | The authorization grant type is not supported. |
For any questions or issues regarding this API, please contact the Kleinanzeigen API team.