Divendo API 2.0

We’ve rebuilt our API from the ground up to be easier than ever to integrate our platform with your favourite software


The Divendo REST API uses the OAuth 2.0 protocol to authorise calls. OAuth is an open standard that many companies use to provide secure access to protected resources.

When you register a new API user, Divendo generates a set of OAuth client ID and secret credentials for your application. You pass these credentials in the Authorization header in a get access token request.

In exchange for these credentials, Divendo's authorisation server issues access tokens called bearer tokens that you use for authorisation when you make REST API requests. A bearer token enables you to complete actions on behalf of, and with the approval of, the resource owner.

Get an access token


To get an access token, you pass your OAuth credentials in a get access token call. In response, the Divendo authorisation server issues an access token which can be re-used until it expires. When the token expires, you can repeat this process to obtain a new token.

Request body client_id The unique client_id assigned to your API user
client_secret The unique client_secret assigned to your API user
grant_type Always set to client_credentials

Example response

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

  "access_token": "uEe8OoPbTCrEovStq8_xYhrCIAHeNSO5f9WgjQq5tWrt7T9tEuAnYEW0A7y8ev8UUVfaiqPHawi3Oc6a7stunaICxudcdrkf5A0zu5BVDUKJj4dG7q3Eb",
  "token_type": "bearer",
  "expires_in": 21599

Making REST API calls


With a valid access token, you can make REST API calls. This sample call returns a list of ISO country codes. The access token in the call is an OAuth bearer token.

Example request

curl -v https://api.divendo/data/countries \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer access_token"