External API

Intoduction

The Pensa External API allows third-party systems to securely access a selected set of Pensa services and processed data. Using RESTful, JSON-based endpoints, you can pull insights that Pensa has generated, synchronize them with your own applications, and build custom integrations on top of Pensa’s platform.

All External API calls are authenticated with a JWT access token obtained via the Authentication service described below, ensuring that only authorized clients can access your organization’s data.

Authentication – Generate Authorization Token

Endpoint

 POST https://api.pensasystems.net/extapi/v2/auth-token

Description: This endpoint is used to obtain a JWT access token using your client credentials. The token returned by this service must be sent in the Authorization header as Bearer <token> when calling all other External API endpoints.

Pensa provides each integration with a client_id and client_secret. These credentials uniquely identify your application and must be kept secure.

• Headers

  • Content-Type: application/json

  • Accept: application/json

• Request Body (JSON)

  Copy

  {
    "client_id": "your-client-id",
    "client_secret": "your-client-secret",
    "grant_type": "client_credentials"
  }

• Response (example)

  Copy

  {
    "access_token": "<jwt-token>",
    "token_type": "Bearer",
    "expires_in": 3600
  }

The access_token is the JWT you will use in subsequent requests, token_type indicates that it should be used as a Bearer token, and expires_in specifies how long the token is valid (in seconds) before you need to request a new one.