Tokens

Token API

The primary use of the token API is to create an authorization token which is to be used with the various A2B API endpoints.

The basic flow is as follows:

1. Send the user name and password to the token API endpoint.

2. Retrieve the token.

Example request

To exchange the user name and a password for a token, send the reques as follows:

{
  "username": "johndoe",
  "password": "foobarbazquux"
}

The endpoint will respond with the token in a JSON object:

{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOjczLCJjaWQiOjIwMTIwMjgwLCJ1c2VybmFtZSI6ImpvaG5AZG9lLmNvbSIsImlhdCI6MTU3OTI2NjMwOCwibmJmIjoxNTc5MjY2MzA4LCJleHAiOjE1NzkzNTI3MDh9.O-aHhzVntx8r9g2E_flkPiyI4ZI2ZZhJalhVK3YFHqU"}

Warning

Generated tokens will be valid for one day. After the token expires, access to all APIs will be rejected.

HTTP Authorization header

All (authenticated) API requests need the Authorization header. Example:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOjczLCJjaWQiOjIwMTIwMjgwLCJ1c2VybmFtZSI6ImpvaG5AZG9lLmNvbSIsImlhdCI6MTU3OTI2NjMwOCwibmJmIjoxNTc5MjY2MzA4LCJleHAiOjE1NzkzNTI3MDh9.O-aHhzVntx8r9g2E_flkPiyI4ZI2ZZhJalhVK3YFHqU