Overview
The Ambient AI Scribe API uses OAuth2 password flow for authentication. This allows service accounts to authenticate using a username and password to obtain a JWT (JSON Web Token) access token.Obtaining a Token
To authenticate, send a POST request to the/v1/ambient/api/auth/token endpoint with your credentials.
Request
Service account username/email
Service account password
Response
Upon successful authentication, you’ll receive a JWT token:Example Request
- cURL
- JavaScript
- Python
Using the Token
Once you have the access token, include it in theAuthorization header for all authenticated API requests:
Example
Token Expiration
Tokens have a default expiration time of 172,800 seconds (48 hours). When a token expires, you’ll receive a401 Unauthorized response. Simply request a new token using the authentication endpoint.
Security Best Practices
- Never commit credentials to version control
- Store credentials securely using environment variables or secure vaults
- Rotate passwords regularly for service accounts
- Use HTTPS only - never send credentials over unencrypted connections
- Implement token caching to avoid unnecessary authentication requests
- Handle token refresh proactively before expiration
Service Accounts
Service accounts are used for programmatic access to the API. Contact your administrator to:- Create a service account
- Obtain credentials
- Configure appropriate permissions and rate limits
Troubleshooting
Invalid Credentials
If you receive a401 Unauthorized response, verify:
- Your username and password are correct
- Your service account is active
- Your account has API access enabled
Token Not Working
If your token is not accepted:- Verify the token hasn’t expired
- Check that you’re including the
Bearerprefix in the Authorization header - Ensure there are no extra spaces or characters in the token