Authorization
API Authorization calls
The authorization controller is used to log in to the API and to manage users.
When a login call completes, the API returns a bearer token, which should be sent in the auth header of all subsequent calls. This token is set to expire 10 minutes after its generation.
A refresh token is also included in the login response. It is sent in the body of the refresh call to obtain new tokens with refreshed expiry times. Make a refresh call before the current bearer token expires to avoid having to log in again.
Engine API Login credentials
Username
Password
Ok response
Unauthorized
Internal Server Error
POST /api/v1/auth/login HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 55

{
  "username": "exampleUser",
  "password": "examplePassword"
}

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODY1MjYsImV4cCI6MTY3MzI5MDEyNn0.eDnLoBQSp8mkI6C4rkgm1iBFL_dSPAWoYiXOtitaCAs",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NjUyNiwiZXhwIjoxNjczMzI5NzI2fQ.TsB2JUhjh8I8dvJrXxVNL4anJKUO5j_sS2EL3x4c5SE"
}
Refresh token data
Refresh token
Ok response
Unauthorized
Internal Server Error
POST /api/v1/auth/refresh HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 234

{
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MTYxNzY2MiwiZXhwIjoxNjcxNjYwODYyfQ.Mwjbo13AQH-wyfuK_HI5sjwikUZSRboyHa6nkrkm-Xg"
}

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODcyMDUsImV4cCI6MTY3MzI5MDgwNX0.T2D6l1AMMEbBJXshJjyyHjt1t7XUB5k35Vegusg2HZc",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NzIwNSwiZXhwIjoxNjczMzMwNDA1fQ.AJxGVcUr0raGWYYUDY8hxq9It_gd7byodocjKuzo35I"
}
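The login and refresh calls above, combined into a client-side session helper that renews the bearer token before it expires. This is an added example, not part of the original documentation or the product's own code. It assumes "Ok response" means HTTP 200, that the token is sent as `Authorization: Bearer <token>`, and that both tokens are JWTs with an `exp` claim; `EngineSession`, `http_post`, `jwt_exp`, `REFRESH_MARGIN` and the base URL are hypothetical names.

```python
import base64, json, time, urllib.error, urllib.request

REFRESH_MARGIN = 60  # assumed safety margin: renew this many seconds before expiry

def jwt_exp(token):
    """Return the 'exp' claim (Unix seconds) from a JWT payload; no signature check."""
    segment = token.split(".")[1]
    segment += "=" * (-len(segment) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))["exp"]

def http_post(base_url):
    """Build a post(path, body) -> (status, json) callable; base_url is an assumption."""
    def post(path, body):
        req = urllib.request.Request(base_url + path, json.dumps(body).encode(),
                                     {"Content-Type": "application/json"}, method="POST")
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                return resp.status, json.loads(resp.read())
        except urllib.error.HTTPError as err:
            return err.code, {}
    return post

class EngineSession:
    """Hypothetical client-side helper that keeps a valid bearer token available."""
    def __init__(self, post, username, password, now=time.time):
        self._post, self._now = post, now
        self._creds = {"username": username, "password": password}
        self.token = self.refresh_token = None

    def _store(self, body):
        self.token, self.refresh_token = body["token"], body["refreshToken"]

    def _renew(self):
        # Prefer the refresh call; fall back to login if it is unusable or rejected.
        if self.refresh_token and jwt_exp(self.refresh_token) > self._now():
            status, body = self._post("/api/v1/auth/refresh",
                                      {"refreshToken": self.refresh_token})
            if status == 200:
                return self._store(body)
        status, body = self._post("/api/v1/auth/login", self._creds)
        if status != 200:
            raise PermissionError(f"login failed with HTTP {status}")
        self._store(body)

    def auth_header(self):
        """Header for the next API call, renewing first if expiry is near."""
        if not self.token or jwt_exp(self.token) - self._now() <= REFRESH_MARGIN:
            self._renew()
        return {"Authorization": f"Bearer {self.token}"}
```

Reading `exp` from the token itself, instead of hard-coding a lifetime, keeps the client correct if the server's expiry setting changes. The decoded claim is used only for scheduling; the server still decides whether a token is valid.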
New user data
Username
Password
Ok response
Unauthorized
Internal Server Error
POST /api/v1/auth/user HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 147

{
  "username": "[email protected]",
  "password": "12345678",
  "roles": {
    "admin": false,
    "flows": true,
    "configure": false,
    "subscribe": true,
    "write": true,
    "read": true
  }
}

{
  "_id": "71abe4f9-c636-4b1c-950f-968459cea908"
}
Ok response
Unauthorized
Internal Server Error
GET /api/v1/auth/users HTTP/1.1
Host:
Accept: */*

[
  "admin",
  "[email protected]",
  "[email protected]"
]
User ID
Role profile
Unauthorized
Not Found
Internal Server Error
GET /api/v1/auth/user/roles/{_id} HTTP/1.1
Host:
Accept: */*

{
  "admin": false,
  "flows": true,
  "configure": false,
  "subscribe": true,
  "write": true,
  "read": true
}
User ID
New roles information
Ok response
Unauthorized
Not Found
Internal Server Error
PATCH /api/v1/auth/user/roles/{_id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 97

{
  "roles": {
    "admin": true,
    "flows": true,
    "configure": false,
    "subscribe": true,
    "write": true,
    "read": true
  }
}

{
  "roles": {
    "admin": true,
    "flows": true,
    "configure": false,
    "subscribe": true,
    "write": true,
    "read": true
  }
}
User ID
New password information
New password
Ok response
Unauthorized
Not Found
Internal Server Error
PATCH /api/v1/auth/user/password/{_id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 19

{
  "password": "text"
}

{
  "result": "text"
}