Getting Started
Welcome to the Betflow B2B API. This guide will help you make your first API call in minutes.
Base URL
All API requests are made to:
https://api.odditt.com
Sandbox URL:
https://sandbox.odditt.com
All endpoints are prefixed with /v1/.
Prerequisites
Before you begin, make sure you have:
- API credentials — either an API key or OAuth2 client credentials (
client_id+client_secret), provided by the Betflow team during onboarding. - An HTTP client — any tool that can make HTTP requests (cURL, Postman, your application code, etc.).
Quick Start
1. Authenticate
Exchange your credentials for a JWT access token.
Using an API key:
curl -X POST https://api.odditt.com/v1/auth/login \
-H "X-API-Key: YOUR_API_KEY"
Using OAuth2 client credentials:
curl -X POST https://api.odditt.com/v1/oauth/login \
-H "Content-Type: application/json" \
-d '{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET"
}'
Both return a token pair:
{
"access_token": "eyJhbGciOiJIUzI1NiIs...",
"refresh_token": "dGhpcyBpcyBhIHJlZnJl...",
"token_type": "Bearer",
"expires_at": "2026-03-17T16:15:00Z",
"expires_in": 900
}
2. Make an API call
Use the access_token as a Bearer token, or pass your API key directly via X-API-Key:
With Bearer token:
curl https://api.odditt.com/v1/references/sports \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
With API key (no login required):
curl https://api.odditt.com/v1/references/sports \
-H "X-API-Key: YOUR_API_KEY"
3. Explore the API
Browse the API Reference to see all available endpoints, or continue reading the guides:
- Authentication — detailed auth flows and token management
- Rate Limiting — understand request limits
- Error Handling — HTTP status codes and error responses
- Pagination — navigating paginated results
Authentication Methods
You can authenticate requests in two ways:
| Method | Header | When to use |
|---|---|---|
| API Key | X-API-Key: YOUR_KEY | Simple integration, no token management needed |
| Bearer Token | Authorization: Bearer TOKEN | After calling /v1/auth/login or /v1/oauth/login |
Both methods are accepted on all protected endpoints. Using an API key directly is simpler; using JWT tokens is recommended for production as it reduces API key exposure over the wire.
Next Steps
- Read the Authentication guide for a detailed explanation of token lifecycle and refresh flows.
- Check the API Reference for endpoint details, parameters, and examples.