IBISWorld API
  1. Overview
IBISWorld API
  • Overview
    • 🚀 Getting Started
    • 📊 About IBISWorld
    • 🚦Rate Limits & Data Size
    • 🌐 API Uptime, SLA & Support
    • 📌 Versioning & API Changes
    • ❓Frequently Asked Questions (FAQs)
    • 📰 API Release Notes
    • Authentication
      POST
  • How-To Guides
    • 🔁 How To: Convert ANZSIC ➜ IBISWorld Report
    • 📥 How To: Download an IBISWorld PDF Report
  • Industry
    • Risk
      • Risk Reports List
      • Recently Updated Risk Reports List
      • Full Industry Risk Report
      • Sections of Risk Report
      • Early Warning System (EWS)
    • States (US) & Provinces (Canada)
      • Industry Reports List
      • Full Industry Report
      • Sections of Industry Report
    • Segment Benchmarking (US)
      • Full Segment Benchmarking Report
      • Sections of a Segment Benchmarking Report
    • ESG
      • Full ESG Report
      • Sections of ESG Report
    • Industry Reports List
    • Recently Updated Industry Reports List
    • Sections of Industry Report
    • Full Industry Report
    • One Section from Multiple Industry Reports
    • Industry Report Images
  • Classifications
    • List of Classification System Versions
    • List of Classification System Titles and Codes
    • Classification System to IBISWorld Report Concordance
    • IBISWorld Report to Classification System Concordance
  • Downloads
    • Download a Report
  • Business Environment Profiles
    • BED Reports List
    • Recently Updated BED Reports List
    • Full BED Report
    • Sections of BED Report
  • Company
    • Company Reports List (Australia)
    • Full Company Report (Australia)
    • Sections of Company Report (Australia)
  1. Overview

Authentication

POST
/authentication/token
All IBISWorld API requests require authentication. We use the industry standard OAuth 2.0 protocol to secure access control.
Every request to the API must be accompanied by a valid access token.

Getting Started#

1.
Obtain Credentials
You need the following from IBISWorld:
Client ID
API‑enabled Username
Password
Contact your Client Relationship Manager if you don’t have those credentials.
2.
Generate Access Token
Use the credentials to request an OAuth 2.0 access token. The token is valid for 24 hours.
3.
Using the Access Token
For every request to other endpoints, include:
HTTP Header: Authorization: Bearer <access_token>
Header: Content-Type: application/json
Example (cURL):

🛡️ Security & Best Practices#

Keep your credentials safe - never expose your Client ID, username, password, or tokens in public repositories.
Use HTTPS for all interactions to protect data in transit.
Store and refresh tokens securely - only request new tokens when the old one is expired or about to expire.
Least privilege - only request permissions/scopes necessary for your use case.
Rotate credentials - if compromised or at regular intervals.

Summary Checklist#

Ensure you have Client ID, Username, Password
Generate access token via the /authentication/token endpoint
Include Authorization: Bearer <token> in all API calls
Refresh token every ~24 hours as needed
Follow security best practices to protect your credentials
Note: If you believe there is a security breach with your credentials or tokens, contact api‑support@ibisworld.com immediately.

Request

Body Params application/json

Example
{
  "ClientId": "XXXXX",
  "Username": "XXXXXXXX",
  "Password": "********"
}

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST '/authentication/token' \
--header 'Content-Type: application/json' \
--data-raw '{
  "ClientId": "XXXXX",
  "Username": "XXXXXXXX",
  "Password": "********"
}'

Responses

🟢200Success
application/json
Body

Example
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires_in": 86399,
  "status": "OK"
}
🟢204204
🟠401401
🟠403403
Modified at 2025-10-24 01:33:32
Previous
📰 API Release Notes
Next
🔁 How To: Convert ANZSIC ➜ IBISWorld Report
Built with