Authentication

Quick Navigation

• POST Auth/SignAppin
• POST Auth/Signout
• POST Auth/Connect/Token (OAuth)
• POST Auth/SignAppIn (OAuth)

POST Auth/SignAppin

Purpose

Authenticates the provided credentials and creates a user session.

Required Permissions

A user group to which the user belongs must be granted access to the API key given in authorization header. Must be running script from a valid source address as configured in API registration for the given API key.

Request Body

None.

Response Body

Content-Type: application/json

{
    UserId: int,
    SID: string,
    EmailAddress: string,
    UserName: string,
    Name: string
}

Response Codes

• 200 – Request successful. User model in the response body.
• 403 – Access forbidden. Returned if the Password Safe license is not valid.
• 410 – API version has been disabled.

For more information, please see Common Response Codes.

POST Auth/Signout

Purpose

Terminates the current user session.

Required Permissions

None.

Request Body

None.

Response Body

None.

Response Codes

• 200 – Request successful.

For more information, please see Common Response Codes.

OAuth Public API Authentication

POST Auth/Connect/Token

Purpose

Authenticates the provided credentials and allows access to the public API.

Required Permissions

Application user must be associated to an API Access Policy API registration and must belong to a user group with necessary permissions.

Request Body

Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=[user-client-id]&client_secret=[user-client-secret]

Response Body

Content-Type: application/x-www-form-urlencoded

{
        access_token: string,
        expires_in: int,
        token_type:string = “Bearer”,
        scope: string
}

Response Body Details

• access_token: The privileged credential to use in the Authorization header for API requests to authenticate the use.
• expires_in: Lifetime (in seconds) that the token is valid.
• token_type: Describes the access token (always Bearer).
• scope: Describes the scope of the access token, which is what the token is allowed to perform. For application users, this consists of only a scope called publicapi.

POST Auth/SignAppIn

Request Body

None .

Header

Authorization: Bearer [access_token]

Cookies are still supported using this sign-in method.