You can use this example as a call from code, or through a REST client such as Postman:
POST https://YOURSITE.com/rest/v10/oauth2/token
{
    "grant_type": "password",
    "client_id": "sugar",
    "client_secret": "",
    "username": "your_username",
    "password": "your_P@$sw0rd",
    "platform": "api"
}
The fields in the request body mean the following:
"grant_type":"password" - This is the method of logging in. In this case, we're using a username/password combination, so we pass "password".
"client_id":"sugar" - This indicates that we are authenticating ourselves through the standard "sugar" client of name/password. Other clients exist, such as "support_portal". This can also reference a custom OAuth key within the application.
"client_secret": "" - This is blank as we're using the client id of "sugar", but if you're using a custom client, this is the secret associated with the client.
"username":"your_username" - Your user name
"password":"your_P@$sw0rd" - Your password
"platform":"api" - The typical platforms used within Sugar are "base", "mobile", and "portal". For security reasons, if the same user logs in to the same platform again while an earlier session is still active, Sugar logs the user out of the previous session. I've used "api", but this could be "myawesomesugarintegration" if you wanted.
Upon a successful request, the server returns an object including an "access_token", for example:
"access_token":"abcdef01-2345-6789-0abc-def012345678"
For each subsequent request to the API, you must include this token to authenticate yourself.
That can be achieved by adding the header "OAuth-Token" with the access_token value to any further requests.
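The same exchange from code, as an added example that is not part of the original page: it builds the token request, extracts "access_token" from the reply, and attaches it as the "OAuth-Token" header. The function names and the SUGAR_URL, SUGAR_USER and SUGAR_PASS environment variables are assumptions made for this example; the HTTPS check and reading the password from the environment are additions that keep credentials out of source code and off plain HTTP.

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

def _url(base_url, path):
    # Credentials and tokens must never travel over plain HTTP.
    if urlsplit(base_url).scheme != "https":
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    return base_url.rstrip("/") + path

def build_token_request(base_url, username, password, platform="api",
                        client_id="sugar", client_secret=""):
    """Build the POST /rest/v10/oauth2/token request shown above."""
    body = {"grant_type": "password", "client_id": client_id,
            "client_secret": client_secret, "username": username,
            "password": password, "platform": platform}
    return urllib.request.Request(
        _url(base_url, "/rest/v10/oauth2/token"),
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")

def extract_token(response_body):
    """Return access_token from the JSON reply; the error never echoes the body."""
    token = json.loads(response_body).get("access_token")
    if not token:
        raise ValueError("token response contained no access_token")
    return token

def build_api_request(base_url, path, token):
    """Attach the token as the OAuth-Token header for a follow-up call.
    urllib stores the name as 'Oauth-token'; header names are case-insensitive."""
    return urllib.request.Request(_url(base_url, path),
                                  headers={"OAuth-Token": token})

def login(base_url, username, password, opener=urllib.request.urlopen):
    """Send the token request and return the access token."""
    req = build_token_request(base_url, username, password)
    with opener(req, timeout=10) as resp:
        return extract_token(resp.read())

if __name__ == "__main__":
    # Hypothetical variable names; keeps the password out of source code.
    token = login(os.environ["SUGAR_URL"], os.environ["SUGAR_USER"],
                  os.environ["SUGAR_PASS"])
    print("token received, length", len(token))  # never print the token itself
```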