Overview

Kensho uses OpenID Connect (OIDC) (opens in a new tab), for authentication and authorization. OIDC is an industry-standard identity layer built on top of the OAuth2.0 framework. OAuth 2.0 (opens in a new tab) defines access tokens and refresh tokens for validation. The OAuth 2.0 specification can be found here (opens in a new tab). 

Authenticating to Kensho APIs

Developing against Kensho APIs requires authenticated access. There are two primary approaches to authenticating to Kensho APIs:

• Refresh tokens are great for advanced testing or short-term, ad-hoc API requests.
• Public-private keypairs are the ultimate solution for long-term, unattended, usage of the APIs.

Both approaches to authentication are acceptable, though it's recommended to start with refresh tokens.