E-mail
WAS THIS PAGE HELPFUL? Leave Feedback
1.0 Auth APIs
since: 7.0.2
1.1 Login
Authenticates an application, creating an SSO session for the given application. The Login API authenticates an application using three post parameters: user, password and app_name. All of these post parameters are required. Authentication is achieved by calling this API with encoded and/or encrypted credentials in the user and password parameters. The user must always be Base64 encoded. If security encryption is enabled, the encrypted password should be passed without additional encoding; otherwise, unencrypted passwords must be Base64 encoded. If successful, login returns a simple string: an access token. This token must then be passed to all subsequent Rest API calls in the GWOS-API-TOKEN HTTP header.
Login can return the follow HTTP Response Codes:
200 - Success
400 - Bad Request - if a parameter is missing or badly formed
401 - Unauthorized - failed to login
500 - General server failure
1.1.1 Method: POST
POST /api/auth/login
1.1.2 HTTP Headers
| Header | Valid Values | Required |
|---|---|---|
| Accept | text/plain | no |
| Content-Type | application/x-www-form-urlencoded | no |
1.1.3 HTTP Post Parameters
| Field | Description | Required |
|---|---|---|
| user | Base64 encoded user name | yes |
| password | encrypted or Base64 encoded password | yes |
| gwos-app-name | identifies your application name | yes |
Post data example:
user=d3N1c2Vy&password=d3N1c2Vy&gwos-app-name=cloudhub
1.2 Logout
Logout will end the SSO session for an application. Logout accepts two required post parameters: gwos_api_token, and app_name. If successful, logout returns an HTTP Status Code of 200. Note that the token may already be expired. In this case, the status code will be 404 Not Found, which can effectively be treated the same way as 200.
Logout can return the follow HTTP Response Codes:
200 - Success
400 - Bad Request - if a parameter is missing or badly formed
404 - Token not found, can be treated like 200 as the token has already expired
500 - General server failure
1.2.1 Method: POST
POST /api/auth/logout
1.2.2 HTTP Headers
| Header | Valid Values | Required |
|---|---|---|
| Accept | text/plain | no |
| Content-Type | application/x-www-form-urlencoded | no |
1.2.3 HTTP Post Parameters
| Field | Description | Required |
|---|---|---|
| gwos-api-token | The token returned from login | yes |
| gwos-app-name | identifies your application name | yes |
Post data example:
gwos-api-token=392393939239&gwos-app-name=cloudhub
1.3 Validate Token
Validatetoken will validate the provided token for an application. Validatetoken accepts two required post parameters: gwos_api_token, and app_name. If successful, Validatetoken returns a simple string: 'true' or 'false' indicating whether or not the provided token is valid to use.
Validatetoken can return the follow HTTP Response Codes:
200 - Success
400 - Bad Request - if a parameter is missing or badly formed
500 - General server failure
1.3.1 Method: POST
POST /api/auth/validatetoken
1.2.2 HTTP Headers
| Header | Valid Values | Required |
|---|---|---|
| Accept | text/plain | no |
| Content-Type | application/x-www-form-urlencoded | no |
1.2.3 HTTP Post Parameters
| Field | Description | Required |
|---|---|---|
| gwos-api-token | The token returned from login | yes |
| gwos-app-name | identifies your application name | yes |
Post data example:
gwos-api-token=392393939239&gwos-app-name=cloudhub