General Setting
Modified on: 2025-10-28 19:11
TABLE OF CONTENTS
Authorization
To access the AI Voice API, DerbySoft provides each client with a ClientID and ClientSecret, which are used to generate access tokens.
Credential Lifecycle
- Your ClientID and ClientSecret are valid for 180 days.
- DerbySoft will send advance reminders to update your credentials before they expire.
Access Token Generation
- Use your ClientID and ClientSecret to request an access token, which is valid for 24 hours.
- This token must be included in the Authorization header of all API requests.
https://{domainName}/authorizer/token?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentialsToken Validation
- If an invalid or expired token is used, the API will respond with HTTP status 401 Unauthorized.
{
"expires_in": 84400
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJrZXkiOiJKV1QtVEVTVCIsIm5iZiI6MTcyNTQxOTk5NywiaXNzIjoiZGVyYnlzb2Z0IiwiaWF0IjoxNzI1NDIwMTE3LCJkaXMiOiJKV1QtVEVTVCIsImp0aSI6ImJmZjZkYjY4OTNlOTQxYWNiM2Y1MjUwOWIyZDA3ZmU3IiwiZXhwIjoxNzI1NDIzNzE3LCJzdWIiOiJkZXJieXNvZnQgZGdhdGV3YXkgVjIiLCJhdWQiOlsiSldULVRFU1QiXX0.MqBR5kKY-uy3gtqv7IeqAawul3OCQLO1DhZ3wdoxWNZ7FZYb-AJwlgqGHXyjj_oJuiqPGeMfI_44TonIGfXfkqhtcE2nScTtVGeeVAA2NTzZSEGD5GLxJZ4rrTILUq9zLGDc0z44edo36g_kw_NuSjlBvq2l9BDJ793jxjijQ4aaoVJZslYQmFh-1uLSMy0aCCdfceUp8-YO7Bh3eWE0PFyZvDCU4O2mZKASuK4Jc4rf-XCNP8rLJpM03Aurek3AeRBcTOtfJDMW9vFGQ-g4BOXhEa0hVz8qQGFwLVY94dc5F74xs5i4C2ybIgZHf6GHQ_G9sIxm3nr1foT7YyfJcA",
"token_type": "Bearer"
}Headers
For security and authentication purposes, all API requests must include the following headers:
| Level | Field Name | Num. Occ. | Data Type | Format | Description | Example |
|---|---|---|---|---|---|---|
| 1 | Authorization | 1 | String | JWT | The JWT access token being issued by the authorization endpoint with client_id and client_secret, client should have this in header when calling APIs. | Bearer {eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9. eyJpc3MiOiJleGFtc GxlLmNvbSIsInN1YiI6InVzZXIxM jMiLCJ1c2VybmFtZSI6ImFkbWluIiwicm9sZSI6Im FkbWluIiwiaWF0IjoxNjY2NjY2NjY2LCJleHA iOjE2NjY2NzY2NjYwfQ.SflKqHj58QY4wLGlQ-OQzJ-1DqQW306V6Q_QjE-C4F4} |
| 1 | Content-Type | 1 | String | application/json | Indicating that the body of the HTTP message contains JSON-formatted data. | application/json |
| 1 | Request-ID | 1 | {UUID} | 36 Char | The request-id must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000), and generated by the client to make troubleshooting and trace the response of this request. | bc8f34a0-d6d8-4575-a70a-f78453761214 |
| 1 | Request-Time | 1 | date-time | YYYY-MM-DDTHH:MM:SSZ | Client timestamp of when this message was generated under full ISO 8601 UTC | 2025-05-16T09:30:00.000Z |
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.