Aspose.OCR Cloud follows industry standards and best practices to keep your data secure. All communication with OCR REST API is done using JWT authentication, which provides an open-standard, highly secure way to exchange information.
Getting an access token
Time-limited JWT tokens are generated using Client ID and Client Secret credentials that are specific for each application. To obtain the credentials:
Sign in to Aspose Cloud API Dashboard.
Go to Applications page.
Click Create New Application button.
Give the application an easily recognizable name so it can be quickly found in a long list, and provide an optional detailed description.
Create the cloud storage by clicking the plus icon and following the required steps. You can also reuse existing storage, if available.
Aspose.OCR Cloud uses its own internal storage, so you can provide the bare minimum storage options:
- Type: Internal storage
- Storage name: Any name you like
- Storage mode: Retain files for 24 hours
Click Save button.
Click the newly created application and copy the values from Client Id and Client Secret fields.
Now request an access token by sending the POST request to
https://api.aspose.cloud/connect/token with the following parameters in the request body (x-www-form-urlencoded):
grant_type- must be
client_id- the value from Client Id field.
client_secret- the value from Client Secret field.
The access token is returned in
access_token property of the response JSON and will be valid for the number of seconds specified in the
expires_in property of the response JSON. If it has expired, request a new one using the same API call.
Authorizing REST API requests
To authorize your requests to Aspose.OCR Cloud API, pass the access token in Authorization header of each request (Bearer authentication):
curl --request POST --location 'https://api.aspose.cloud/v3.0/ocr/recognize' \ --header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...l8v7jUV-mLjEdQ'
Authorizing SDK requests
The SDKs greatly simplify all operations for obtaining an access token and authorizing requests. Just pass in the values from the Client ID and Client Secret fields when initializing the recognition API and it will do the rest for you.