Passing Authentication

PreviousOpentact API keys NextAuthentication API

Last updated 1 year ago

Was this helpful?

Passing Authentication

The Opentact API will require an API Key to authenticate requests.

All API requests are required to be made over HTTPS, HTTP requests will return back a 302 response - permanent redirection.

There are 5 methods to pass authentication to the API.

For accessing the API a valid email and password must be passed in the 'Authorization' header.

The following syntax must be used in the header

'Authorization: Basic base64(email:password)

A valid token is base64 encoded value of 'email:password'

  The following syntax must be used in the headers:
      Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=v

Security Scheme Type

HTTP Authorization Scheme

HTTPS

Basic

For accessing the API a valid JWT token must be passed to the query:

inX-Auth-Token header
as jwt query param

A valid token is generated by the API and returned as a response of
   a call to the route: /rest/auth giving a valid email & password.

  The following syntax must be used in the headers:
      X-Auth-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Token

API Key

For accessing the API a valid Google token must be passed to the query:

inX-Auth-Google-Token header
as google_token query param

A valid token is generated by the Google auth API and returned as a response from the Google Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Google-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Google-Token

API Key

For accessing the API a valid Facebook token must be passed to the query:

inX-Auth-Facebook-Token header
as facebook_token query param

A valid token is generated by the Facebook auth API and returned as a response 
of the Facebook Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Facebook-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Facebook-Token

API Key

For accessing the API a valid HA1B token must be passed to the query:

inX-Auth-HA1B-Token header
as ha1b query param

A valid ha1b token is md5(<login>@<domain>:<domain>:<password>).

  The following syntax must be used in the headers:
      X-Auth-HA1B-Token: xxxxxxyyyyyyyyzzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-HA1B-Token

API Key

Authentication API

GET https://api.opentact.org/rest/auth

This api is to get the JWT token for Authorize.

Headers

Name

Type

Description

X-Auth token*

String

JWT token

{
  "success": true,
  "payload": {
    "uuid": "0116f6d1-1280-44b2-9134-da48509ec575",
    "email": "info@opentact.org",
    "wss_online": true,
    "role": "User",
    "created_on": "2022-12-29T13:17:57.457Z",
    "modified_on": "2022-12-29T13:17:57.457Z",
    "deleted_on": null,
    "phone_number": "+1234567890",
    "dob": "2022-12-29T13:17:57.457Z",
    "avatar": "https://google/image.png",
    "first_name": "First Name",
    "last_name": "Last Name",
    "gender": "Female",
    "account": {
      "created_on": "2022-12-29T13:17:57.457Z",
      "modified_on": "2022-12-29T13:17:57.457Z",
      "uuid": "f2cb79fb-6bf8-4484-8034-debf95aac73b",
      "email": "info@denovolab.com",
      "name": "DENOVOLAB",
      "level": "Level0",
      "deleted_on": null,
      "balance": 99.87895
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}

PreviousOpentact API keys NextAuthentication API

Last updated 1 year ago

Was this helpful?

The Opentact API will require an API Key to authenticate requests.

All API requests are required to be made over HTTPS, HTTP requests will return back a 302 response - permanent redirection.

There are 5 methods to pass authentication to the API.

For accessing the API a valid email and password must be passed in the 'Authorization' header.

The following syntax must be used in the header

'Authorization: Basic base64(email:password)

A valid token is base64 encoded value of 'email:password'

  The following syntax must be used in the headers:
      Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=v

Security Scheme Type

HTTP Authorization Scheme

HTTPS

Basic

For accessing the API a valid JWT token must be passed to the query:

inX-Auth-Token header
as jwt query param

A valid token is generated by the API and returned as a response of
   a call to the route: /rest/auth giving a valid email & password.

  The following syntax must be used in the headers:
      X-Auth-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Token

API Key

For accessing the API a valid Google token must be passed to the query:

inX-Auth-Google-Token header
as google_token query param

A valid token is generated by the Google auth API and returned as a response from the Google Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Google-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here:

Header Parameter Name

Security Scheme Type

X-Auth-Google-Token

API Key

For accessing the API a valid Facebook token must be passed to the query:

inX-Auth-Facebook-Token header
as facebook_token query param

A valid token is generated by the Facebook auth API and returned as a response 
of the Facebook Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Facebook-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here:

Header Parameter Name

Security Scheme Type

X-Auth-Facebook-Token

API Key

For accessing the API a valid HA1B token must be passed to the query:

inX-Auth-HA1B-Token header
as ha1b query param

A valid ha1b token is md5(<login>@<domain>:<domain>:<password>).

  The following syntax must be used in the headers:
      X-Auth-HA1B-Token: xxxxxxyyyyyyyyzzzzzz

More info could be found here:

Header Parameter Name

Security Scheme Type

X-Auth-HA1B-Token

API Key

Authentication API

GET https://api.opentact.org/rest/auth

This api is to get the JWT token for Authorize.

Headers

Name

Type

Description

X-Auth token*

String

JWT token

{
  "success": true,
  "payload": {
    "uuid": "0116f6d1-1280-44b2-9134-da48509ec575",
    "email": "info@opentact.org",
    "wss_online": true,
    "role": "User",
    "created_on": "2022-12-29T13:17:57.457Z",
    "modified_on": "2022-12-29T13:17:57.457Z",
    "deleted_on": null,
    "phone_number": "+1234567890",
    "dob": "2022-12-29T13:17:57.457Z",
    "avatar": "https://google/image.png",
    "first_name": "First Name",
    "last_name": "Last Name",
    "gender": "Female",
    "account": {
      "created_on": "2022-12-29T13:17:57.457Z",
      "modified_on": "2022-12-29T13:17:57.457Z",
      "uuid": "f2cb79fb-6bf8-4484-8034-debf95aac73b",
      "email": "info@denovolab.com",
      "name": "DENOVOLAB",
      "level": "Level0",
      "deleted_on": null,
      "balance": 99.87895
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}