Mesh is authenticated via OAuth2. An initial request must be made to collect the token. This token can then be used to authenticate all requests for the following 24 hours, after which the token must be refreshed.

The username and password should be one of the users already created in your account. We recommend creating a dedicated API user for your integration. The value realm is provided by ComplyAdvantage.

The access token returned by the initial request can then be used within the authorization header.

"Authorization":"Bearer {access_token}"

The bearer token has a validity period of 24 hours (86,400 seconds), after which any authentication attempts will fail. To refresh a token, use the same method as that used to generate it.