Skip to main content

Authentication

Retrieving access token

To retrieve an access token from the EnableNow API you can use standard OAuth Client Credentials flow using:

Use the following parameters:

Parameter
Value
client_id
[Your Client ID]
client_secret
[Your Client Secret]
scope
"customer-api"
grant_type
"client_credentials"

The generated access token will be valid for 60 minutes.

Best practices

Reuse your access token

The access token should be reused for the duration of its validity (60 minutes). Requesting a new token for every API call is unnecessary and puts avoidable load on the platform.

We recommend caching the token after it is issued and only requesting a new one when it is about to expire.

Only fetch the data you need

Avoid retrieving more data than necessary. For example, don't fetch all transactions when you only need the latest updates. Use filters, date ranges, and pagination parameters to limit your requests to the data you actually need.

Use webhooks instead of polling

Where webhooks are available, prefer them over polling the API for changes. Webhooks deliver updates to you in real-time and eliminate the need for repeated API calls to check for new data.

Rate limiting

EnableNow APIs enforce rate limits to ensure fair usage and platform stability. The exact limits are variable and may be adjusted without notice.

Exceeding the limit will result in an HTTP 429 Too Many Requests response. This response includes a Retry-After header indicating the number of seconds to wait before retrying.