
The purpose of this section is to describe how to authenticate when making API calls using the Rator REST API and how to configure brand access.

OAuth 2

To obtain access/bearer tokens, we support the following RFC 6749 grant flows, plus a custom password flow for authentication of Operators:

1. Resource Owner Password Credentials Grant 

Useful if you have the end user's password but you want to use a more secure end user access token instead. 

...

Overview

This article applies to rator-rest-api-3.x and rator-rest-api-auth-1.x. With those versions, the brandKey parameter is mandatory.

Token endpoint (authentication)

In order to obtain an access token, every request has to contain the brandKey parameter. This parameter is of type QUERY.

Example: curl -v -X POST -u myclientid:myclientsecret http://host:port/appcontext/oauth/token

...

?username=#myusername&password=

...

2. Operator Password Credentials Grant 

Useful if you have the end user's password but you want to use a more secure end user access token instead. 

...

#mypassword&grant_type=password&brandKey={

...

mybrandkey}

...

3. Client Credentials Grant

Somewhat like our existing "2-LO" flow for OAuth 1. Obtain an access token that represents not an end user, but the owner of the client/consumer:

...

REST API endpoint (resources)

Every request for any resource has to contain the X-RATOR-brand-key parameter. This parameter is of type HEADER.

Example: 

$ curl -X GET 'http://host:port/appcontext

...

Making requests

Once you have an access token, you can use it in a request as a request header: Authorization: Bearer {access_token}

Refresh tokens

Access tokens expire after an interval that is configured in the OAUTH_CLIENT_DETAILS table. When this happens, you'll get 401 responses.

$ curl -X POST -u myclientid:myclientsecret http://host:port/appcontext/oauth/token -H "Accept: application/json" -d "grant_type=refresh_token&refresh_token={refresh_token}&brandKey={myBrandKey}"
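The refresh call above combined with the resource headers described earlier, as an added example that is not part of the original page or the Rator code base. It assumes the token endpoint answers with an RFC 6749 JSON body; `send` is a hypothetical caller-supplied transport returning `(status, body)`, and `fake_send` is a constructed stand-in for the server.

```python
import base64
import json
import urllib.parse

BRAND_HEADER = "X-RATOR-brand-key"  # header name taken from the page


def basic_auth(client_id, client_secret):
    raw = f"{client_id}:{client_secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()


def refresh_request(base_url, client_id, client_secret, refresh_token, brand_key):
    """Build the refresh call shown above: form body plus client Basic auth."""
    body = urllib.parse.urlencode({
        "grant_type": "refresh_token",
        "refresh_token": refresh_token,
        "brandKey": brand_key,
    })
    headers = {
        "Authorization": basic_auth(client_id, client_secret),
        "Accept": "application/json",
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return "POST", base_url + "/oauth/token", headers, body


def get_resource(send, base_url, path, tokens, brand_key, client):
    """GET a resource; on a 401, refresh the token once and retry."""
    for attempt in range(2):
        headers = {"Authorization": "Bearer " + tokens["access_token"],
                   BRAND_HEADER: brand_key}
        status, payload = send("GET", base_url + path, headers, None)
        if status != 401 or attempt == 1:
            return status, payload
        r_status, r_payload = send(*refresh_request(
            base_url, client[0], client[1], tokens["refresh_token"], brand_key))
        if r_status != 200:
            return r_status, r_payload  # refresh rejected: re-authenticate
        tokens.update(json.loads(r_payload))


def fake_send(method, url, headers, body):  # constructed stand-in, not a real API
    if url.endswith("/oauth/token"):
        ok = "refresh_token=r1" in body and "brandKey=BRAND1" in body
        return (200, '{"access_token": "a2"}') if ok else (400, "{}")
    ok = headers.get("Authorization") == "Bearer a2" and headers.get(BRAND_HEADER) == "BRAND1"
    return (200, "{}") if ok else (401, "")
```

The retry is bounded to one refresh so that a revoked refresh token or a wrong brand key surfaces as an error instead of a loop.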

Scopes

...

 

...

/api/billing-groups/201506171857210002/balance' \
-H 'Accept-Language: it' \
-H 'Authorization: Bearer 2acda61f-cf4f-42be-8561-563b5db7840f' \
-H 'X-RATOR-brand-key: BRAND1'
