Authentication

Overview

Kensho uses OpenID Connect (OIDC) (opens in a new tab), for authentication and authorization. OIDC is an industry-standard identity layer built on top of the OAuth2.0 framework. OAuth 2.0 (opens in a new tab) defines access tokens and refresh tokens for validation. The OAuth 2.0 specification can be found here (opens in a new tab)

Authenticating to Kensho APIs

Developing against Kensho APIs requires authenticated access. There are two primary approaches to authenticating to Kensho APIs:

Both approaches to authentication are acceptable, though it's recommended to start with refresh tokens.