Our APIs support the OAuth2 authentication protocol. Using the OAuth2 protocol, you allow an external application to log into CustomerGauge to call one of our APIs. Contrary to traditional authentication through API keys, OAuth2 does not rely on a single API key that's shared across all kinds of applications. This gives you the big benefit of not having to back-track to every connected system to change your API key should you lose it.


Requirements: What do you need

  • Access to "Integration" -> "Connected Apps"
  • Know your Region1; this is the region in which your CustomerGauge system is hosted. You can find your region by looking at the URL when logged into CustomerGauge (https://cvm.region1.customergauge.com).


How to Authenticate

  1. In CustomerGauge, navigate to Data > Integrations, and then click on the Connected Apps tab.
  2. Click the "Create New App" button in the top-right of the Connected Apps page.


  3. In the App Name box type something to help you identify the app, and click the Save button.


  4. After saving, a popup with the Client ID and Client Secret information will appear. Save the Client Secret right away, you won't be able to retrieve it once you close the popup.


  • Call the Authentication API: POST https://auth.{{region1}}.customergauge.com/oauth2/token
    This API will return you the Access Token that you'll use from here onwards to call our APIs.
    1. The Grant Type for the authentication request should be "client_credentials"

      Access Token Expiration: The Access Token stays valid for 1 hour after obtaining it, after which you'll need to obtain a new one.


cURL Example

curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=client_credentials&client_id={{ Client ID }}&client_secret={{ Client Secret }}" https://auth.{{ region }}.customergauge.com/oauth2/token

Make sure to replace {{ Client ID }}, {{ Client Secret }}, and {{ Region }} as applicable to your use case.


Calling APIs

To call our APIs through OAuth2 authentication, you'll need to pass the Access Token with Bearer in the Authorization header of each request.

Authorization:Bearer XXXXX

You can call any of our v4.1 APIs using this method of authentication.