Skip to main content
The Channel API is invite only. This page is for partners who have already been issued a channel.* client ID and secret by Fourthwall.
Each channel is issued its own OAuth2 client and authenticates with the client credentials grant.

1. Request an access token

Exchange your client ID and secret for a short-lived access token at the Fourthwall token endpoint. Credentials are sent with the client_secret_basic method — that is, as HTTP Basic Auth on the token request itself, not in the form body. 
curl -X POST \
  "https://auth.fourthwall.com/auth/realms/Fourthwall/protocol/openid-connect/token" \
  -u "$CHANNEL_CLIENT_ID:$CHANNEL_CLIENT_SECRET" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials"
Send the client ID and secret in the Authorization: Basic header, not in the request body. Submitting them as body parameters returns 401 invalid_client.
The response contains an access_token and its expires_in lifetime. Tokens are short-lived — request a new one when the current token expires rather than caching it indefinitely.

2. Call the Channel API

Pass the access token as a Bearer token on every Channel API request.
cURL
curl "https://api.fourthwall.com/channel-api/v1.0/channel/current" \
  -H "Authorization: Bearer $ACCESS_TOKEN"
Use https://auth.fourthwall.com and https://api.fourthwall.com for production. For testing against staging, swap in https://auth.staging.fourthwall.com and https://api.staging.fourthwall.com.