Authentication and authorization

Authentication identifies who is making an API request, and authorization identifies what data the requester may access. OAuth is an industry standard for authorizing limited access to services and data. Applications must obtain a secure token that identifies the application that makes the request. The token is passed to the resource server (API server) with each API request. For more information, see Authenticating APIs with OAuth.

Restriction: OAuth is the preferred method for authentication and the only option available to new MQL API applications. All other traditional methods are deprecated, and companies using the other methods will be transitioned to OAuth. For more information, contact your Medallia expert.