Authentication

CPL API supports an authentication method based on a Bearer token using the OAuth 2.0 protocol. This type of authentication provides a secure and flexible way to access protected API resources.

Authentication Requirements

GET/INFO Method: This method does not require authentication and can be called without logging in.

All Other Methods: These require HTTP authentication using a valid Bearer token.

To access the API, you must meet the following requirements:

Enable OAuth 2.0:
Request CPL support to enable OAuth 2.0 access and obtain your client credentials (Client ID and Client Secret).

Generate an Access Token:
Log in to the service using your Client ID and Client Secret.
Send a request to the URL designated for issuing tokens (https://api.dhl.com/ecs/ppl/myapi2/login/getAccessToken).

Security Guidelines

Due to the nature of this authentication, it is MANDATORY to use the HTTPS protocol exclusively. This ensures encrypted communication and protects sensitive data during transmission.

Access Token Validity

The access token is valid for 30 minutes.

After expiration, the token must be refreshed.

The maximum number of tokens that can be generated is 12 tokens per minute.

Recommendations

Secure Storage of Tokens:
Access tokens and the Client Secret should never be stored in source code or in publicly accessible locations.

Automatic Token Refresh:
Implement a mechanism to automatically refresh the token before it expires.

Use HTTPS for All Requests:
Never send tokens or credentials over an unencrypted connection (HTTP).

Common Issues

Invalid Token: Check that the access token has been correctly included in the Authorization header.
Expiration: If the token has expired, generate a new one.
Authentication Errors: Ensure that you are using the correct Client ID and Client Secret.

Authentication Requirements#

Security Guidelines#

Access Token Validity#

Recommendations#

Common Issues#

Authentication Requirements

Security Guidelines

Access Token Validity

Recommendations

Common Issues