Aspose.OMR Cloud follows industry standards and best practices to keep your data secure. All communication with OMR REST API is done using JWT authentication, which provides an open-standard, highly secure way to exchange information.

Getting an access token

Time-limited JWT tokens are generated using Client ID and Client Secret credentials that are specific for each application. To obtain the credentials:

  1. Sign in to GroupDocs Cloud API Dashboard.
  2. Go to Applications page.
  3. Create the storage for exchanging files by clicking the plus icon and following the required steps. You can either use your own cloud storage, create a new storage in our cloud, or reuse the existing one.
  4. Give the application an easily recognizable name so it can be quickly found in a long list.
  5. Click Save button.
  6. Click the newly created application and copy the values from Client Id and Client Secret fields.

Now request an access token by sending the POST request to with the following parameters in the request body (x-www-form-urlencoded):

  • grant_type - must be client_credentials
  • client_id - the value from Client Id field.
  • client_secret - the value from Client Secret field.

The access token is returned in access_token property of the response JSON and will be valid for the number of seconds specified in the expires_in property of the response JSON. If it has expired, request a new one using the same API call.

Authorizing REST API requests

To authorize your requests to Aspose.OMR Cloud API, pass the access token in Authorization header of each request (Bearer authentication):

curl --location --request POST '' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...l8v7jUV-mLjEdQ'

Authorizing SDK requests

The SDKs greatly simplify all operations for obtaining an access token and authorizing requests. Just pass in the values from the Client ID and Client Secret fields when initializing the recognition API and it will do the rest for you.