OAuth 2.0

Authentication is the process of proving your identity to the system. The KPN API Store uses the OAuth 2.0 Client Credentials Grant type. Client IDs and Client secrets are provided when you create an app in the My apps dashboard of the KPN API Store.

Send your Client ID and Client secret with an API request to KPN API Store. You will receive an access token in the JSON message body of the response. For example: "access_token": "haf2SDl07E9N7RluNQ4kJ1TkGgso",

Authentication workflow

Authentication workflow

How to authenticate

To authenticate on the KPN API Store use one of the following 3 options:


Execute the cURL command to receive an access token. Replace APP_CLIENT_ID and APP_CLIENT_SECRET with your app's credentials.

curl -X POST \
 'https://api-prd.kpn.com/oauth/client_credential/accesstoken?grant_type=client_credentials' \
 -H 'content-type: application/x-www-form-urlencoded' \
 -d 'client_id=APP_CLIENT_ID&client_secret=APP_CLIENT_SECRET'

If you are using cURL for Windows, please use the command below instead.

curl -X POST "https://api-prd.kpn.com/oauth/client_credential/accesstoken?grant_type=client_credentials" -H "content-type: application/x-www-form-urlencoded" -d "client_id=APP_CLIENT_ID&client_secret=APP_CLIENT_SECRET"

The authentication service returns a JSON message that contains the access_token field.

    "refresh_token_expires_in": "0",
    "api_product_list": "[xxxxxxx]",
    "api_product_list_json": [
        " xxxxxxx"
    "organization_name": "kpn",
    "developer_email": "demo123@kpn.com",
    "token_type": "Bearer",
    "issued_at": "1521039195424",
    "client_id": "APP_CLIENT_ID",
    "access_token": "haf2SDl07E9N7RluNQ4kJ1TkGgso",
    "application_name": "6e38edxxxxxxxxxxxxxxxx4065d79c",
    "scope": "",
    "expires_in": "3599",
    "refresh_count": "0",
    "status": "approved"


  1. Open the API reference of the API you want to use on the Documentation overview page.
  2. Click on the Authorize button on the top right.
  3. In the form, fill in client_id and client_secret, using your app's credentials.
  4. Click Authorize.

Note: Even if the button says Authorize it's really the authentication process.


When using Postman, you will have to import the Swagger file into a Postman collection as follows:

  1. Open the API reference on SwaggerHub.
  2. On the top right, click Export, click Download API and click 'YAML Unresolved'.
  3. In Postman from the menu click File and click Import... Choose the YAML file you downloaded in the previous step. A new collection will be added.
  4. Select Get Access Token from the collection.
  5. Make sure the right environment is selected, corresponding to the API.
  6. Edit the environment variables client_id and client_secret, using your app's credentials.
  7. Check the response code and message.
  8. Press the Send button to get an access token.

Note: Request variables are no longer linked to an environment, but to the collection.