Collection and Drop Off API

(0 reviews)

Authentication

The NZ Post Shipping APIs implement the OAuth 2.0 for secure authentication and authorization. The OAuth 2.0 protocol requires an access token to be submitted with all API calls. There are multiple ways to implement OAuth 2.0 authentication, for most use case we recommend using Client Code Flow. If you would like to use a different method to implement OAuth 2.0 authentication, please contact API Support at api@nzpost.co.nz.

All communication with our servers must be over TLS (https://).

Step 1:Get your authorisation token
To get an authentication token, you will need the client_id and client_secret for your application, these can be found on the developer portal My Application page: https://anypoint.mulesoft.com/apiplatform/nz-post-group#/apps


The first step is to obtain an authorisation token. This is done by making a simple request to our authentication server with your application's client_id and client_secret.

$ curl -d "grant_type=client_credentials\
&client_id={YOUR APPLICATION'S CLIENT_ID} \
&client_secret={YOUR APPLICATION'S CLIENT_SECRET}" \
https://oauth.nzpost.co.nz/as/token.oauth2

You will receive a response like this:

{
    "access_token": "{ACCESS TOKEN}",
    "token_type": "Bearer",
    "expires_in": 86399
}

Response Parameters

The following lists the required fields in the /labels/domestic response message.

ParameterDescription
access_tokenOAuth 2.0 access token that you will use for subsequent API calls
token_typeThis is the type of token generated. The default is Bearer token, which can be understood as "give access to whoever brings the bearer token."
expires_inDuration that the access token is valid for, in seconds. The default value is 86399 seconds (24 hours). It is the API consumer responsibility to manage token expiry

Step 2: Use your authorisation token in an API call

Pass the access_token returned in the response in the Authorization header with the type Bearer to make requests on behalf of a user:

curl -H 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
'https://api.nzpost.co.nz/{API CALL}'

Header Example

GET https://api.nzpost.co.nz/Collectionaddress/v1/addresses/216250 HTTP/1.1
Accept-Encoding: gzip,deflate
client_id: a025...
Authorization: Bearer eyJhbGciOiJIUzI1NiIsImtpZCI6IlRFU1Qi...
Host: api.nzpost.co.nz
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)


Reviews