Passing Authentication

The Opentact API will require an API Key to authenticate requests.

All API requests are required to be made over HTTPS, HTTP requests will return back a 302 response - permanent redirection.

There are 5 methods to pass authentication to the API.

For accessing the API a valid email and password must be passed in the 'Authorization' header.

The following syntax must be used in the header

'Authorization: Basic base64(email:password)

A valid token is base64 encoded value of 'email:password'

  The following syntax must be used in the headers:
      Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=v

Security Scheme Type

HTTP Authorization Scheme

HTTPS

Basic

For accessing the API a valid JWT token must be passed to the query:

inX-Auth-Token header
as jwt query param

A valid token is generated by the API and returned as a response of
   a call to the route: /rest/auth giving a valid email & password.

  The following syntax must be used in the headers:
      X-Auth-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Token

API Key

For accessing the API a valid Google token must be passed to the query:

inX-Auth-Google-Token header
as google_token query param

A valid token is generated by the Google auth API and returned as a response from the Google Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Google-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.google.com/identity/sign-in/web/backend-auth

Header Parameter Name

Security Scheme Type

X-Auth-Google-Token

API Key

For accessing the API a valid Facebook token must be passed to the query:

inX-Auth-Facebook-Token header
as facebook_token query param

A valid token is generated by the Facebook auth API and returned as a response 
of the Facebook Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Facebook-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.facebook.com/docs/facebook-login/web

Header Parameter Name

Security Scheme Type

X-Auth-Facebook-Token

API Key

For accessing the API a valid HA1B token must be passed to the query:

inX-Auth-HA1B-Token header
as ha1b query param

A valid ha1b token is md5(<login>@<domain>:<domain>:<password>).

  The following syntax must be used in the headers:
      X-Auth-HA1B-Token: xxxxxxyyyyyyyyzzzzzz

More info could be found here: https://www.opensips.org/Documentation/TipsFAQ#toc2

Header Parameter Name

Security Scheme Type

X-Auth-HA1B-Token

API Key

Authentication API

GET https://api.opentact.org/rest/auth

This api is to get the JWT token for Authorize.

Headers

Name

Type

Description

X-Auth token*

String

JWT token

{
  "success": true,
  "payload": {
    "uuid": "0116f6d1-1280-44b2-9134-da48509ec575",
    "email": "[email protected]",
    "wss_online": true,
    "role": "User",
    "created_on": "2022-12-29T13:17:57.457Z",
    "modified_on": "2022-12-29T13:17:57.457Z",
    "deleted_on": null,
    "phone_number": "+1234567890",
    "dob": "2022-12-29T13:17:57.457Z",
    "avatar": "https://google/image.png",
    "first_name": "First Name",
    "last_name": "Last Name",
    "gender": "Female",
    "account": {
      "created_on": "2022-12-29T13:17:57.457Z",
      "modified_on": "2022-12-29T13:17:57.457Z",
      "uuid": "f2cb79fb-6bf8-4484-8034-debf95aac73b",
      "email": "[email protected]",
      "name": "DENOVOLAB",
      "level": "Level0",
      "deleted_on": null,
      "balance": 99.87895
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}

{
  "success": false,
  "message": "string",
  "status": 500,
  "meta": "string",
  "fields": {
    "params.to": {
      "message": "invalid integer number",
      "value": "qwerty123456789"
    }
  }
}

PreviousOpentact API keys NextAuthentication API

Last updated 1 year ago

Was this helpful?