Because TI store APIs are secured using OAuth 2.0, you must pass an access token when sending a request. To obtain an access token, call our OAuth API at

For a successful request, note that:

  • We use the client credentials flow.
  • The "Content-Type" must be "application/x-www-form-urlencoded".
  • The request should be sent to the appropriate URL above without any additional query parameters.
  • The request parameters (grant_type, client_id, client_secret) must be in the request body, sent in a string, separated by "&" without any further encoding.
    For example: "grant_type=client_credentials&client_id=[CLIENT_ID]&client_secret=[CLIENT_SECRET]"
  • The access token is valid for 60 minutes. Before using the token in other APIs, check whether the access token has expired.
curl --request POST \   
       --url \   
       --header 'Content-Type: application/x-www-form-urlencoded' \   
       --data grant_type=client_credentials \   
       --data client_id=XXXXXXXXXXXXXXXXX \   
       --data client_secret=XXXXXXXXXXXXXXXXX

Response for a successful request:

    "access_token": "MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3",
    "token_type": "bearer",
    "expires_in": 3599,
    "scope": "",
    "application_name": "app_name",
    "": "",
    "issued_at": "1582220284531",
    "client_id": "IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk"

Example payload and header of an access token request from Insomnia client: