Call Manhattan Active® API from your code

Get started using Manhattan Active® API from within your code

This how-to guide will walk you through a very simple Python command line utility (CLI). The utility will obtain an access token for Manhattan Active® API using the OAuth 2.0 Resource Owner Password Credentials Grant. That token will then be used to call the following to get information for the authenticated user:

GET /api/organization/user/allDetails/userId/

Before you begin

Before beginning, please assemble the authentication information.

Obtain an access token

The OAuth 2.0 Resource Owner Password Credentials Grant (direct access) may be used to obtain an API access token. The token endpoint may be called as follows:

def access_token(client_id, client_secret, token_url, username, password):
    """Return access token for Manhattan Active® API using the resource owner password credentials grant

    Conforms to

    Must authenticate to token endpoint with client credentials:

      client_id (str): client identifier
      client_secret (str): client password
      token_url (str): endpoint to obtain access token
      username (str): the resource owner username
      password (str): the resource owner password

      string: access token

       HTTPError:  http error

    # Access Token Request:
    response =, data={
        "grant_type": "password",
        "username": username, "password": password},
        auth=(client_id, client_secret))
    return response.json()["access_token"]

Call an API

To call the API, obtain an access token above and place it in the Authorization header as a Bearer token:

url = api + "/organization/api/organization/user/allDetails/userId/" + username

response = requests.request(
    "GET", url, headers={'Authorization': 'Bearer ' + token}, data={})

print(json.dumps(response.json(), indent=2))

Run the code

Download the source code

Download the python source code.

Install requests module

python3 -m pip install requests==2.27.1 

Set environment variables

Environment variables may be used to store common information:


For example:

export ACTIVE_CLIENT_ID=omnicomponent.1.0.0


Run the script to obtain information for the authenticated user.

# See help for getting user info
python3 -h

# Sample call (assumes ACTIVE_PASSWORD and ACTIVE_CLIENT_SECRET environment variables set)
python3 \
 -c omnicomponent.1.0.0 \
 -t https://<environment> \
 -u \
 -a https://<environment>


If you receive a 400 Client Error: for url:, then your username and password are invalid for the authorization server.

Last modified February 19, 2024: HF for customer code (3d3136c)