1 of 1

Authorization

API Authorization calls

The authorization controller is used to login to the API, in addition user management.

When a login call is completed, the API will return a bearer token which should be used in the auth header of all future calls. This token is set to expire 10 minutes after its generation.

A refresh token is also included in the login response, and this is used in the body of the refresh call to get new tokens with refreshed expiry times. Ensure a refresh call is made prior to any given bearer token's expiry to avoid having to login again.

Authorization

API Authorization calls

The authorization controller is used to login to the API, in addition user management.

When a login call is completed, the API will return a bearer token which should be used in the auth header of all future calls. This token is set to expire 10 minutes after its generation.

POST/api/v1/auth/login

Body

username*string

Username

password*string

Password

Response

Ok response

Body

token*string

API token

refreshToken*string

API refresh token

Request

Response

Refresh API tokens

POST/api/v1/auth/refresh

Body

refreshToken*string

Refresh token

Response

Ok response

Body

token*string

API token

refreshToken*string

API refresh token

Request

Response

Add a new user

POST/api/v1/auth/user

Body

username*string

Username

password*string

Password

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Response

Ok response

Body

_id*string

User ID

Request

Response

Get user ID

GET/api/v1/auth/user/{username}

Path parameters

username*string

Username

Response

Ok response

Body

_id*string

User ID

Request

Response

Get all users

GET/api/v1/auth/users

Response

Ok response

Body

itemsstring

Username

Request

Response

Get user roles

GET/api/v1/auth/user/roles/{_id}

Path parameters

_id*string

User ID

Response

Role profile

Body

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Request

Response

Set user roles

PATCH/api/v1/auth/user/roles/{_id}

Path parameters

_id*string

User ID

Body

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Response

Ok response

Body

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Request

Response

Set user password

PATCH/api/v1/auth/user/password/{_id}

Path parameters

_id*string

User ID

Body

password*string

New password

Response

Ok response

Body

result*string

Result

Request

Response

Delete a user

DELETE/api/v1/auth/user/{_id}

Path parameters

_id*string

Response

Default Response

Body

result*string

Result

Request

Response

Get all users

GET/api/v1/auth/users

Response

Ok response

Body

itemsstring

Username

Request

Response

Refresh API tokens

POST/api/v1/auth/refresh

Body

refreshToken*string

Refresh token

Response

Ok response

Body

token*string

API token

refreshToken*string

API refresh token

Request

Response

POST/api/v1/auth/login

Body

username*string

Username

password*string

Password

Response

Ok response

Body

token*string

API token

refreshToken*string

API refresh token

Request

Response

Delete a user

DELETE/api/v1/auth/user/{_id}

Path parameters

_id*string

Response

Default Response

Body

result*string

Result

Request

Response

Get user ID

GET/api/v1/auth/user/{username}

Path parameters

username*string

Username

Response

Ok response

Body

_id*string

User ID

Request

Response

Set user password

PATCH/api/v1/auth/user/password/{_id}

Path parameters

_id*string

User ID

Body

password*string

New password

Response

Ok response

Body

result*string

Result

Request

Response

Get user roles

GET/api/v1/auth/user/roles/{_id}

Path parameters

_id*string

User ID

Response

Role profile

Body

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Request

Response

Add a new user

POST/api/v1/auth/user

Body

username*string

Username

password*string

Password

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Response

Ok response

Body

_id*string

User ID

Request

Response

Set user roles

PATCH/api/v1/auth/user/roles/{_id}

Path parameters

_id*string

User ID

Body

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Response

Ok response

Body

roles*object

Role profile

admin*boolean

Has admin permission

flows*boolean

Has flows editing permission

configure*boolean

Has configuration editing permission

subscribe*boolean

Has subscription permission

write*boolean

Has write permission

read*boolean

Has read permission

Request

Response

const response = await fetch('/api/v1/auth/users', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

[
  "admin",
  "bobz@home.com",
  "chris@home.com"
]

const response = await fetch('/api/v1/auth/refresh', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MTYxNzY2MiwiZXhwIjoxNjcxNjYwODYyfQ.Mwjbo13AQH-wyfuK_HI5sjwikUZSRboyHa6nkrkm-Xg"
    }),
});
const data = await response.json();

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODcyMDUsImV4cCI6MTY3MzI5MDgwNX0.T2D6l1AMMEbBJXshJjyyHjt1t7XUB5k35Vegusg2HZc",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NzIwNSwiZXhwIjoxNjczMzMwNDA1fQ.AJxGVcUr0raGWYYUDY8hxq9It_gd7byodocjKuzo35I"
}

const response = await fetch('/api/v1/auth/login', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "exampleUser",
      "password": "examplePassword"
    }),
});
const data = await response.json();

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyb2xlcyI6MjU1LCJpYXQiOjE2NzMyODY1MjYsImV4cCI6MTY3MzI5MDEyNn0.eDnLoBQSp8mkI6C4rkgm1iBFL_dSPAWoYiXOtitaCAs",
  "refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiIyYTZlMzQzNC1kZjI4LTQ1NDQtOTYzYS1mZTViMmQ1NTg0ZWIiLCJyZWZyZXNoVG9rZW4iOnRydWUsImlhdCI6MTY3MzI4NjUyNiwiZXhwIjoxNjczMzI5NzI2fQ.TsB2JUhjh8I8dvJrXxVNL4anJKUO5j_sS2EL3x4c5SE"
}

const response = await fetch('/api/v1/auth/user/{_id}', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

{
  "result": "OK"
}

const response = await fetch('/api/v1/auth/user/{username}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

71abe4f9-c636-4b1c-950f-968459cea908

const response = await fetch('/api/v1/auth/user/password/{_id}', {
    method: 'PATCH',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "password": "text"
    }),
});
const data = await response.json();

{
  "result": "text"
}

const response = await fetch('/api/v1/auth/user/roles/{_id}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

{
  "admin": false,
  "flows": true,
  "configure": false,
  "subscribe": true,
  "write": true,
  "read": true
}

const response = await fetch('/api/v1/auth/user', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "bobz@home.com",
      "password": "12345678",
      "roles": {
        "admin": false,
        "flows": true,
        "configure": false,
        "subscribe": true,
        "write": true,
        "read": true
      }
    }),
});
const data = await response.json();

{
  "_id": "71abe4f9-c636-4b1c-950f-968459cea908"
}

const response = await fetch('/api/v1/auth/user/roles/{_id}', {
    method: 'PATCH',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "roles": {
        "admin": true,
        "flows": true,
        "configure": false,
        "subscribe": true,
        "write": true,
        "read": true
      }
    }),
});
const data = await response.json();

{
  "roles": {
    "admin": true,
    "flows": true,
    "configure": false,
    "subscribe": true,
    "write": true,
    "read": true
  }
}

Authorization

Authorization

Login to engine API

Refresh API tokens

Add a new user

Get user ID

Get all users

Get user roles

Set user roles

Set user password

Delete a user

Get all users

Refresh API tokens

Login to engine API

Delete a user

Get user ID

Set user password

Get user roles

Add a new user

Set user roles