RTO authentication v1 vs v2

vincent.pilch

- We're currently using a secure version of the V1 authentication url- https/api.refinitiv.com:443/auth/oauth2/v1/token. I only see a non-secure version of the V2 authentication url mentioned in the documentation; does a secure version exist as well?

- In the V1 authentication request we're setting the 'scope' body parameter to 'trapi'; I see this is optional in the V2 authentication request, does it make sense to continue setting this parameter to 'trapi'?

wasin.w

Hello @vincent.pilch

Thank you for reaching out to us. Please be informed that the URL for the Version 2 Authentication is https/api.refinitiv.com/auth/oauth2/v2/token (not non-secure http). This URL detail on the Getting Started with Version 2 Authentication for Refinitiv Real-Time and Data Platform article is wrong, I am going to fix it.

• Update: I have fixed it.

Please see the URL reference on the following resources:

• WebSocket API RTO examples source code
• section 3.2 V2 Authentication Using Service Account of the Refinitiv Real-Time - Optimized Install and Config Guide document.

About the Version 2 'scope' parameter, it is now an optional parameter. I did a quick test by sending the Version 2 authentication request message to RDP with a scope parameter. It works fine and I get the access token accordingly.