Auth API (1.0)
The Auth API allows users to manage tokens (Generate A New Token, Get All Tokens, Delete A Token etc.) so that the tokens can be used to access other APIs (Auth API, Cloud API, Reseller API, Activity Log API etc.) more securely.
Authentication
Basic Authentication
You will need to base64 encode the string containing your credentials. Separate your username and password with a colon, i.e., username:password and send it as 'Authorization' request header. More details: https://en.wikipedia.org/wiki/Basic_access_authentication
API key
Please provide header value as 'Bearer <token>' and don't forget to add 'Bearer' HTTP Authorization Scheme before the token.
token
Create A New Token
Users can generate a new token (JWT a.k.a JSON Web Token) that will be linked to their contract by default if they have access to a single contract. However, users with multiple contracts must always provide a valid contract number asX-Contract-Numberheader for the token to be generated against that particular contract. Not providing a valid contract number asX-Contract-Numberheader will lead to an error response.
This endpoint is protected and users must provide valid credentials either in the form of 'Basic Authentication' header or 'Token Authentication' header by encapsulating a token as the header value regardless of their access to a single contract or multiple contracts.
The response contains the newly generated token that users can use to access any of the API's (Auth API, Cloud API, Reseller API, Activity Log API etc.). The users can access Cloud API, Reseller API and Activity Log API using this newly generated token without the need to provide valid contract number asX-Contract-Numberheader if they have access to multiple contracts. However, users must provide a valid contract number asX-Contract-Numberheader to access Auth API. Every generated token will have an expiry that defaults to one year (subject to change).
Example Response:
{
"token":"eyJu...YifQ.eyJpc3...A0MjJ9.Kx_OHrm...HQguU"
}
Token Usage Example:
...
Authorization: Bearer eyJu...YifQ.eyJpc3...A0MjJ9.Kx_OHrm...HQguU
...
List All Tokens
Users can view details of all tokens generated by the user via GET /token endpoint. This endpoint is protected and users must provide valid credentials either in the form of 'Basic Authentication' header or 'Token Authentication' header by encapsulating a token as the header. Users with multiple contracts must also provide a valid contract number as X-Contract-Number header.
Delete A Token with Criteria.
Delete a single or multiple tokens using certain criteria parameter through this endpoint. The parameter value can be either ALL, EXPIRED or CURRENT and is required. This endpoint is protected and for parameter with ALL and EXPIRED users must provide valid credentials either in the form of 'Basic Authentication' header or 'Token Authentication' header by encapsulating a token as the header. For parameter value with CURRENT users must provide valid credentials only in the form of 'Token Authentication' . Users with multiple contracts must also provide a valid contract number as X-Contract-Number header.
Get A Token By Key Identifier
Retrieve a token by key identifier. Users can view the details of a specific token through this endpoint. This endpoint is protected and users must provide valid credentials either in the form of 'Basic Authentication' header or 'Token Authentication' header by encapsulating a token as the header. Users with multiple contracts must also provide a valid contract number as X-Contract-Number header.
Delete A Token.
Delete a token by key identifier (kid) through this endpoint. his endpoint is protected and users must provide valid credentials either in the form of 'Basic Authentication' header or 'Token Authentication' header by encapsulating a token as the header. Users with multiple contracts must also provide a valid contract number as X-Contract-Number header.