POST auth
Jefferson Medeiros edited this page Nov 29, 2019 · 4 revisions
Retrieves a valid token to be used in requests. Authentication follows the JWT specification, a standard (RFC 7519) that defines how to transmit and store JSON objects in a compact and secure way between different applications.
The token payload includes the following information (RFC 7519):
Claim | Description |
---|---|
sub | Subject, entity to which the token belongs, usually the user ID. |
iss | Issuer, defines the issuer of the token. |
exp | Expiration, timestamp in seconds of when the token will expire. |
iat | Issued at, timestamp in seconds from when the token was created. |
scope | Specifies the access scopes that the generated token has. |
Example of values that can make up the payload:
```json
{
  "sub": "5daf47f1d3cb260019b5edb9",
  "sub_type": "admin",
  "iss": "ocariot",
  "iat": 1571849771,
  "scope": "physicalactivities:read sleep:read measurements:read",
  "exp": 1571936171
}
```
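Example request:
```sh
# Single quotes around the JSON body keep the inner double quotes intact in the shell.
curl -X POST "https://localhost:3001/v1/auth" -H "accept: application/json" -H "Content-Type: application/json" -d '{"username":"your_user","password":"your_password"}'
```
Example request body:
```json
{
  "username": "BR0001",
  "password": "br123"
}
```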
- 200: Successful Authentication
```json
{ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1ZGFmNDdmMWQzY2IyNjAwMTliNWVkYjkiLCJzdWJfdHlwZSI6ImFkbWluIiwiaXNzIjoib2NhcmlvdCIsImlhdCI6MTU3MTg0OTc3MSwic2NvcGUiOiJwaHlzaWNhbGFjdGl2aXRpZXM6cmVhZCBzbGVlcDpyZWFkIG1lYXN1cmVtZW50czpyZWFkIiwiZXhwIjoxNTcxOTM2MTcxfQ.WduK8favKAufML3tg93Wfd-Dg7gUPES31AHnZlzzKtZI1ZX3TVBPm_QCBvLizmthtBs8IVKrYeK4MDGyvoDKrz2-FG3lnbbNeUnZ90SLHDBH9raFrDt8tA4je7nlBiONtOIkzYH0yjhIHf-FuYade64k6OUwGpV3cDLnq2CD2CsmnHDzlAwXnfH2kLB_SHCgXyTCeNJKOb9W3rQ2sc88KHaJIE6CRBQIdi7te-N647vkMuBjon8EgCz4VjX4n6yEXfMFPof905Xt6hD5q7EC9o9QF04x2ElxtjWl5aSvsDEoAeFjAhH7m3_YMgg99md4Rb3jUoFNVd561JvxQDL2PItRagHwRCevh6NdOsypepJSKEj4Vmj3xtm_F3W7fyVP8Z3YCwy5dhzTmpvyELhcgsh2bNx92iDbyl5LQ7Xem9BNgM0yXKDCxAA_nXsKEeYYp3rdCePxBtjhd3Z7zhC1XA9qvbvNOOk8A0561GKr0YP96K4rtMfA3_dfZ1JPa82YP-iLlUCBVMiVAVP7a-3cmNToo29lYILeM2LRdnEANGf_inouCkpXSY_qAQgxip8r-AzjqVl9M8_eIMaDn2IxWeOnVOyfmY1eThJecG7V2iqGKpY61HIHWt0sbdYfuY7fpJNtP9IUSST3UMMb_P3KcLv5CCLuT6XewEWn4nRSFd8" }
```
- 400: Validation errors
  - Example
    ```json
    { "code": 400, "message": "Required fields were not provided...", "description": "username, password are required!" }
    ```
  - Example
    ```json
    { "code": 400, "message": "One or more request fields are invalid...", "description": "username must have at least one character!" }
    ```
  - Example
    ```json
    { "code": 400, "message": "One or more request fields are invalid...", "description": "username must be a string!" }
    ```
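
As an added example (not part of the OCARIoT code base), this is how a service that receives the token could check it before acting on the `scope` claim: pin `alg` to RS256 (the value in the sample token's header), verify the signature, then check `iss`, `exp` and the required scope. The RSA key is a constructed, insecure demo key and `issue` and `verify` are hypothetical helpers; a real deployment would load the account service's public key and use a maintained JWT library.

```python
import base64, hashlib, json, time

# Constructed demo key from two Mersenne primes: insecure, only so this runs offline.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes
DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")  # SHA-256 prefix

def b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64u_dec(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def emsa_pkcs1_v15(message):
    """Padded block an RS256 signature over `message` must decrypt to."""
    t = DIGEST_INFO + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def issue(claims, alg="RS256"):
    """Stand-in for the auth service: sign the claims with the demo private key."""
    head = b64u(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    signing_input = head + "." + b64u(json.dumps(claims).encode())
    sig = pow(int.from_bytes(emsa_pkcs1_v15(signing_input.encode()), "big"), D, N)
    return signing_input + "." + b64u(sig.to_bytes(K, "big"))

def verify(token, required_scope, now=None, issuer="ocariot"):
    """Return the claims if every check passes, otherwise raise ValueError."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64u_dec(head))
        signature = int.from_bytes(b64u_dec(sig), "big")
    except ValueError as err:  # wrong segment count, bad base64 or bad JSON
        raise ValueError("malformed token") from err
    if not isinstance(header, dict) or header.get("alg") != "RS256":
        raise ValueError("unexpected alg")  # pin the algorithm, ignore what the token asks for
    expected = emsa_pkcs1_v15((head + "." + body).encode())
    if signature >= N or pow(signature, E, N).to_bytes(K, "big") != expected:
        raise ValueError("bad signature")
    claims = json.loads(b64u_dec(body))  # parsed only after the signature is accepted
    now = time.time() if now is None else now
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("token expired")
    if required_scope not in claims.get("scope", "").split():
        raise ValueError("missing scope")
    return claims
```
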