Each call to the API must have an authorization token, by which the API service will determine if the request is authorized. There are two methods to retrieve an authentication token:
- Token Request with API credentials, which is a Client ID/Secret pair
- The token created with this authentication flow is cached by SDL MT Cloud for 24 hours. Therefore, the same token will be provided within the 24 hours of its validity period. Programmers can decide to locally store the token value and use it in various requests to the REST API service and only make a new authentication call when the token expires, or make the authentication call each time and not program any local codes to manage the token expiration. In this scenario where you are unable to store the token and need to make another token request within 24 hours, you will notice that the service reissue the same token and the response body will give you an updated time of when it will be expired.
- Token Request with user credentials, which is a Username/Password pair
- Unlike the other authentication flow, tokens created with user credentials are not cached and therefore will be a new one with each request.
Tokens are valid for 24 hours.
Our recommendation for machine to machine workflows where individual users are not involved is to use authentication via API Credentials.
For both authentication flows, the best implementation would be to generate a token once and store it, then only request a new one when the token expires. This way you will get the best performance possible, as your application will not make an extra request for every translation call (This extra request will add up after a while if the application has high translation needs).