This repository has been archived by the owner on Jun 25, 2024. It is now read-only.
Authorization
Marek Tomczewski edited this page Apr 8, 2015 · 6 revisions
This API handles authorization.
Param | Type | Description | Value |
---|---|---|---|
Content-Type | HTTP Header | content type | Content-type: application/json |
Request
POST /v1/api/auth/token
```json
{
  "username": "test@example.com",
  "password": "Passw0rd"
}
```
Response 200 OK (application/json)
```json
{
  "token": "eyJ0eXAi..."
}
```
- Note: This call also refreshes the token.
The user JWT is valid for 24h and contains the user's access information. When a user's access changes, the token should be refreshed so that the new privileges can be used. Example situations that require a token refresh:
- The user creates a new account - to use the new account, the token must be refreshed
- The user has been invited to a new account - to have access to this account, the token should be refreshed
- The user's account role has been updated, for instance admin privileges were granted - to use the new level of access, the token must be refreshed
Param | Type | Description | Value |
---|---|---|---|
Authorization | HTTP Header | Access Token | Authorization: Bearer eyJ0eXAi.... |
Request
GET /v1/api/auth/tokenInfo
Response 200 OK (application/json)
```json
{
  "header": {
    "typ": "JWT",
    "alg": "RS256"
  },
  "payload": {
    "jti": "7b1430a2-dd61-4a47-919c-495cadb1ea7b",
    "iss": "http://enableiot.com",
    "sub": "53fdff4418b547e4241b8358",
    "exp": "2014-10-02T07:53:25.361Z"
  }
}
```
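The following is an added example, not code from the project: a client-side sanity check of the tokenInfo response above that pins `alg` to RS256 and uses `exp` to decide when to request a new token. The function name `checkTokenInfo`, the issuer pin (taken from the sample response) and the 15-minute refresh window are assumptions.

```javascript
// Added example: client-side sanity check of a tokenInfo response.
const EXPECTED_ISS = "http://enableiot.com";   // issuer shown in the sample response
const MAX_LIFETIME_MS = 24 * 60 * 60 * 1000;   // the page states a 24h validity
const REFRESH_WINDOW_MS = 15 * 60 * 1000;      // assumption: refresh 15 min early

function verdict(usable, refresh, reason) {
  return { usable, refresh, reason };
}

// info: parsed JSON body of GET /v1/api/auth/tokenInfo; now: Date used as "current time".
function checkTokenInfo(info, now = new Date()) {
  const header = (info && info.header) || {};
  const payload = (info && info.payload) || {};

  // Pin type and algorithm; "none", HS256 or a missing header are all rejected.
  if (header.typ !== "JWT" || header.alg !== "RS256") {
    return verdict(false, false, "unexpected typ/alg");
  }
  if (payload.iss !== EXPECTED_ISS) {
    return verdict(false, false, "unexpected issuer");
  }
  // exp is an ISO 8601 string in the sample response, so parse it as a date string.
  const exp = typeof payload.exp === "string" ? Date.parse(payload.exp) : NaN;
  if (Number.isNaN(exp)) {
    return verdict(false, false, "missing or unparseable exp");
  }
  const remaining = exp - now.getTime();
  if (remaining <= 0) {
    return verdict(false, true, "expired"); // re-authenticate via POST /v1/api/auth/token
  }
  if (remaining > MAX_LIFETIME_MS) {
    return verdict(false, false, "exp further away than the documented 24h");
  }
  if (remaining <= REFRESH_WINDOW_MS) {
    return verdict(true, true, "near expiry");
  }
  return verdict(true, false, "ok");
}

// Constructed sample, shaped like the documented response.
const sampleTokenInfo = {
  header: { typ: "JWT", alg: "RS256" },
  payload: { iss: EXPECTED_ISS, sub: "53fdff4418b547e4241b8358", exp: "2014-10-02T07:53:25.361Z" },
};
console.log(checkTokenInfo(sampleTokenInfo, new Date("2014-10-02T07:45:00Z")));
```

This check only covers expiry; a change in account membership or role still requires an explicit refresh, as listed earlier on the page.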
Param | Type | Description | Value |
---|---|---|---|
Authorization | HTTP Header | Access Token | Authorization: Bearer eyJ0eXAi.... |
Request
GET /v1/api/auth/me
Response 200 OK (application/json)
```json
{
  "id": "5524fb12b57077f3012323c2",
  "created": 1428487559131,
  "email": "test@example.com",
  "termsAndConditions": true,
  "updated": 1428487559131,
  "verified": true
}
```