Authentication

Connect Enterprise uses the OAuth 2.0 Client Credentials flow for system-to-system (M2M) authentication. You exchange your Client ID and Secret for a bearer token, then include that token in all subsequent API requests.

Environment Isolation: Tokens generated for Development must not be reused in Production, and vice versa. Each environment requires its own dedicated credentials and produces a unique, isolated token.


How It Works

  1. Your system sends your clientid and secret to the /v1/auth/login endpoint.
  2. The API returns a bearer token along with its expiration time and type.
  3. Include the bearer token in the Authorization header of every protected API call.
Authorization: Bearer <your_token>

Credentials

Each Enterprise instance receives a unique Client ID and Client Secret. These are securely delivered by the PRIMO development team.

Keep credentials confidential: Never expose your Client ID or Secret in client-side code, public repositories, or logs. The security of your integration depends on keeping these values private.


Endpoint

Method: POST

Environment | URL
Development | https://lfs-connect-enterprise-api-dev-h7ekhqc6g0g2greg.centralus-01.azurewebsites.net/v1/auth/login
Production | https://lfs-connect-enterprise-api-prod-d6hrg8hrg9bphpc7.centralus-01.azurewebsites.net/v1/auth/login

Request Headers

Header | Value
Content-Type | application/json

Request Body

{
  "clientid": "YOUR_CLIENT_ID",
  "secret": "YOUR_CLIENT_SECRET"
}

Examples

curl --location 'https://lfs-connect-enterprise-api-dev-h7ekhqc6g0g2greg.centralus-01.azurewebsites.net/v1/auth/login' \
--header 'Content-Type: application/json' \
--data '{
"clientid": "YOUR_CLIENT_ID",
"secret": "YOUR_CLIENT_SECRET"
}'

Token Response

A successful authentication returns a bearer token:

{
  "data": {
    "token": "eyJhbGciOiJSUzI1NiIsInR5..."
  },
  "errors": null
}

Use the token value (data.token in the response above) in the Authorization header for all protected endpoints.


Scopes & Authorization

Connect Enterprise uses scope-based authorization. Your token includes a set of scopes that define which API operations your client is permitted to perform.

Inspect your token. You can decode your JWT access token using jwt.io to inspect the granted scopes and expiration time.
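To inspect a live token without pasting it into a third-party site, the header and payload can be decoded locally. The following is an added example, not PRIMO's code; the `scope`/`scp` claim names and the sample scope values are assumptions, and the signature is not verified.

```python
import base64
import json
import time


def b64url_decode(segment):
    # JWT segments are base64url with padding stripped; restore it first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_token(token, now=None, skew=60):
    """Decode header and payload locally. The signature is NOT verified, so use
    the result for inspection and refresh timing only, never to grant access."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected three dot-separated JWT segments")
    try:
        header = json.loads(b64url_decode(parts[0]))
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError as exc:  # covers bad base64, bad UTF-8 and bad JSON
        raise ValueError("header or payload is not base64url-encoded JSON") from exc
    # Assumption: scopes are in "scope" (space-delimited) or "scp" (string/list).
    raw = claims.get("scope", claims.get("scp", []))
    scopes = raw.split() if isinstance(raw, str) else list(raw)
    exp = claims.get("exp")  # registered JWT claim: expiry in epoch seconds
    now = time.time() if now is None else now
    return {
        "alg": header.get("alg"),
        "scopes": sorted(scopes),
        "expires_at": exp,
        # Refresh slightly early so a request never carries an expired token.
        "needs_refresh": exp is None or now >= exp - skew,
    }


def make_sample_token(claims):
    # Constructed sample: realistic header shape, fake signature bytes.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "ZmFrZQ"])


if __name__ == "__main__":
    # Constructed claims; the scope names are hypothetical.
    sample = make_sample_token({"exp": 1900000000, "scope": "orders.read orders.write"})
    print(inspect_token(sample))
```

Run this only where the token is already allowed to live (the integration host or a secured workstation), and keep its output out of logs.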

