Authorization

API Authorization calls

The authorization controller is used to log in to the API and to manage users.

When a login call is completed, the API will return a bearer token which should be used in the auth header of all future calls. This token is set to expire 10 minutes after its generation.

A refresh token is also included in the login response. It is sent in the body of the refresh call to get new tokens with refreshed expiry times. Make a refresh call before the current bearer token expires to avoid having to log in again.
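The token lifecycle described above, sketched as a small client (an added example, not MobiusFlow's own code). It assumes the bearer token is sent as `Authorization: Bearer <token>` and, like the sample tokens on this page, is a JWT carrying an `exp` claim; `EngineSession`, `jwtExp`, `fetchImpl` and the 60-second refresh margin are illustrative names and values.

```javascript
// Added example. Assumes "Authorization: Bearer <token>" and JWT tokens with an exp claim.

// Read `exp` (seconds since epoch) from the JWT payload. The signature is not
// verified: the client uses this only to schedule refreshes.
function jwtExp(token) {
  const payload = (token.split('.')[1] || '').replace(/-/g, '+').replace(/_/g, '/');
  if (!payload) throw new Error('not a JWT');
  const { exp } = JSON.parse(atob(payload));
  if (typeof exp !== 'number') throw new Error('token has no exp claim');
  return exp;
}

class EngineSession {
  // fetchImpl and now are injectable so the logic can be exercised offline.
  constructor(baseUrl, fetchImpl = (...a) => fetch(...a), skewSec = 60,
              now = () => Date.now() / 1000) {
    Object.assign(this, { baseUrl, fetchImpl, skewSec, now });
    this.token = this.refreshToken = null; // held in memory only
  }

  async post(path, body) {
    const res = await this.fetchImpl(this.baseUrl + path, {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(body),
    });
    if (!res.ok) throw new Error(`${path} failed: HTTP ${res.status}`);
    const data = await res.json();
    if (!data.token || !data.refreshToken) throw new Error(`${path}: no tokens in response`);
    this.token = data.token;
    this.refreshToken = data.refreshToken; // replaces the one just used
  }

  login(username, password) {
    return this.post('/api/v1/auth/login', { username, password });
  }

  // Call /auth/refresh once the bearer token is within skewSec of expiry.
  async ensureFresh() {
    if (!this.token) throw new Error('login first');
    if (jwtExp(this.token) - this.now() > this.skewSec) return;
    await this.post('/api/v1/auth/refresh', { refreshToken: this.refreshToken });
  }

  async authFetch(path, init = {}) {
    await this.ensureFresh();
    const headers = { ...init.headers, Authorization: `Bearer ${this.token}` };
    return this.fetchImpl(this.baseUrl + path, { ...init, headers });
  }
}
```

Reading `exp` from the token itself keeps the refresh schedule tied to what the server actually issued rather than to a lifetime hard-coded in the client.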

Login to engine API

POST /api/v1/auth/login

Body
username* (string): Username
password* (string): Password

Response

Ok response

Body
token* (string): API token
refreshToken* (string): API refresh token

Request
const response = await fetch('/api/v1/auth/login', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "exampleUser",
      "password": "examplePassword"
    }),
});
const data = await response.json();
Response
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODY1MjYsImV4cCI6MTY3MzI5MDEyNn0.eDnLoBQSp8mkI6C4rkgm1iBFL_dSPAWoYiXOtitaCAs",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NjUyNiwiZXhwIjoxNjczMzI5NzI2fQ.TsB2JUhjh8I8dvJrXxVNL4anJKUO5j_sS2EL3x4c5SE"
}

Refresh API tokens

POST /api/v1/auth/refresh

Body
refreshToken* (string): Refresh token

Response

Ok response

Body
token* (string): API token
refreshToken* (string): API refresh token

Request
const response = await fetch('/api/v1/auth/refresh', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MTYxNzY2MiwiZXhwIjoxNjcxNjYwODYyfQ.Mwjbo13AQH-wyfuK_HI5sjwikUZSRboyHa6nkrkm-Xg"
    }),
});
const data = await response.json();
Response
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODcyMDUsImV4cCI6MTY3MzI5MDgwNX0.T2D6l1AMMEbBJXshJjyyHjt1t7XUB5k35Vegusg2HZc",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NzIwNSwiZXhwIjoxNjczMzMwNDA1fQ.AJxGVcUr0raGWYYUDY8hxq9It_gd7byodocjKuzo35I"
}

Add a new user

POST /api/v1/auth/user

Body
username* (string): Username
password* (string): Password
roles* (object): Role profile

Response

Ok response

Body
_id* (string): User ID

Request
const response = await fetch('/api/v1/auth/user', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "bobz@home.com",
      "password": "12345678",
      "roles": {
        "admin": false,
        "flows": true,
        "configure": false,
        "subscribe": true,
        "write": true,
        "read": true
      }
    }),
});
const data = await response.json();
Response
{
  "_id": "71abe4f9-c636-4b1c-950f-968459cea908"
}

Get user ID

GET /api/v1/auth/user/{username}

Path parameters
username* (string): Username

Response

Ok response

Body
_id* (string): User ID

Request
const response = await fetch('/api/v1/auth/user/{username}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();
Response
71abe4f9-c636-4b1c-950f-968459cea908

Get all users

GET /api/v1/auth/users

Response

Ok response

Body
items (string): Username

Request
const response = await fetch('/api/v1/auth/users', {
    method: 'GET',
    headers: {},
});
const data = await response.json();
Response
[
  "admin",
  "bobz@home.com",
  "chris@home.com"
]

Get user roles

GET /api/v1/auth/user/roles/{_id}

Path parameters
_id* (string): User ID

Response

Role profile

Body
admin* (boolean): Has admin permission
flows* (boolean): Has flows editing permission
configure* (boolean): Has configuration editing permission
subscribe* (boolean): Has subscription permission
write* (boolean): Has write permission
read* (boolean): Has read permission

Request
const response = await fetch('/api/v1/auth/user/roles/{_id}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();
Response
{
  "admin": false,
  "flows": true,
  "configure": false,
  "subscribe": true,
  "write": true,
  "read": true
}

Set user roles

PATCH /api/v1/auth/user/roles/{_id}

Path parameters
_id* (string): User ID

Body
roles* (object): Role profile

Response

Ok response

Body
roles* (object): Role profile

Request
const response = await fetch('/api/v1/auth/user/roles/{_id}', {
    method: 'PATCH',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "roles": {
        "admin": true,
        "flows": true,
        "configure": false,
        "subscribe": true,
        "write": true,
        "read": true
      }
    }),
});
const data = await response.json();
Response
{
  "roles": {
    "admin": true,
    "flows": true,
    "configure": false,
    "subscribe": true,
    "write": true,
    "read": true
  }
}

Set user password

PATCH /api/v1/auth/user/password/{_id}

Path parameters
_id* (string): User ID

Body
password* (string): New password

Response

Ok response

Body
result* (string): Result

Request
const response = await fetch('/api/v1/auth/user/password/{_id}', {
    method: 'PATCH',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "password": "text"
    }),
});
const data = await response.json();
Response
{
  "result": "text"
}

Delete a user

DELETE /api/v1/auth/user/{_id}

Path parameters
_id* (string)

Response

Default Response

Body
result* (string): Result

Request
const response = await fetch('/api/v1/auth/user/{_id}', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();
Response
{
  "result": "OK"
}

© 2023 MobiusFlow® - All Rights Reserved - MobiusFlow® is a registered trademark of Infrastructure Software Solutions Limited trading as MobiusFlow® - All other brand names, product names, or trademarks belong to their respective owners