Authentication

API Authorization Documentation

The API Authorization includes endpoints for generating and refreshing JWT tokens. These endpoints are essential for secure and authenticated access to other API functionalities.

1. Generate JWT Token

Endpoint:

POST /api/v1/Authorization/GenerateJwtToken

Description:

Generates a JWT token for a specified application. The token includes an accessToken and a refreshToken, which can be used for authentication and token refresh operations.

Request Headers:

Content-Type: application/json; x-api-version=1.0
Accept: application/json

Request Body:

{
  "applicationId": "urn:uuid:91c698db-5cbe-0f55-915e-bd64d5178337",
  "jwtPrivateKey": "85896144dda1ff0b68fce638a221a7e824720e3622be630ff7c51ae94978c3b482d66886aecbb56469bbf990719c1e11b5a811ed6663a4915f4e34df486866d2"
}

Field

Type

Description

applicationId

string

The unique identifier (UUID) of the application.

jwtPrivateKey

string

The private key used to sign the JWT.

Response:

Status 200 OK

{
  "$id": "1",
  "applicationId": "d5eabbb8-c0f6-4640-94fd-3566edad499f",
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "accessTokenExpiration": "2024-12-20T11:57:50.974699Z",
  "refreshToken": "OjKkePJHJOtX6wPl8S88U6da4XiZrjqfBXBtmOpQXiE=",
  "refreshTokenExpiration": "2024-12-27T11:57:50.974699Z"
}

Field

Type

Description

applicationId

string

The unique identifier (UUID) of the application.

accessToken

string

The JWT access token for authentication.

accessTokenExpiration

datetime

Expiration date and time for the accessToken.

refreshToken

string

Token used to obtain a new accessToken without logging in again.

refreshTokenExpiration

datetime

Expiration date and time for the refreshToken.

Error Responses:

Status 400 Bad Request
- Invalid input data or missing required fields.
Status 500 Internal Server Error
- Server-side error during token generation.

2. Refresh JWT Token

Endpoint:

POST /api/v1/Authorization/RefreshJwtToken

Description:

Refreshes an expired JWT access token using a valid refreshToken.

Request Headers:

Content-Type: application/json; x-api-version=1.0
Accept: application/json

Request Body:

{
  "applicationId": "d7f1bd96-8a69-6cf1-2f8f-bf4485909cc9",
  "jwtPrivateKey": "adipisicing labore occaecat quis",
  "refreshToken": "cupidatat"
}

Field

Type

Description

applicationId

string

The unique identifier (UUID) of the application.

jwtPrivateKey

string

The private key used to sign the JWT.

refreshToken

string

The token used to refresh the expired access token.

Response:

Status 200 OK

{
  "$id": "1",
  "applicationId": "d5eabbb8-c0f6-4640-94fd-3566edad499f",
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "accessTokenExpiration": "2024-12-20T11:28:25.452242Z",
  "refreshToken": "KusyuOxD5xg7rmWEdJ+iPN8NRkatb1bRsCuQYqpzXq0=",
  "refreshTokenExpiration": "2024-12-27T11:28:25.452242Z"
}

Field

Type

Description

applicationId

string

The unique identifier (UUID) of the application.

accessToken

string

The refreshed JWT access token for authentication.

accessTokenExpiration

datetime

Expiration date and time for the refreshed accessToken.

refreshToken

string

Token used to obtain another new accessToken if necessary.

refreshTokenExpiration

datetime

Expiration date and time for the new refreshToken.

Error Responses:

Status 400 Bad Request

Invalid input data or missing required fields.

{
  "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
  "title": "One or more validation errors occurred.",
  "status": 400,
  "traceId": "00-131a39782d3aa54ef0cfae62c715a4e2-61df78abdb62e43d-00",
  "errors": {
      "model": [
          "The model field is required."
      ],
      "$.applicationId": [
          "The JSON value could not be converted to System.Guid. Path: $.applicationId | LineNumber: 1 | BytePositionInLine: 56."
      ]
  }
}

Status 401 Unauthorized

Invalid or expired refresh token.

{
  "errors": {
      "business:": [
          "Token is missing, invalid or ApplicationId is not found in the token."
      ]
  },
  "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
  "title": "One or more errors occurred.",
  "status": 401,
  "detail": null,
  "instance": null,
  "extensions": {
      "traceId": "00-fc878634896257c5991ac5399ab6c46c-416e4be3606fdbaa-00"
  }
}

Status 500 Internal Server Error

Server-side error during token refresh.

{
    "errors": {
        "business:": [
            "InvokeAsync: Authorization service configuration error."
        ]
    },
    "type": "https://tools.ietf.org/html/rfc7231#section-6.5.1",
    "title": "An unexpected error occurred.",
    "status": 500,
    "detail": null,
    "instance": null,
    "extensions": {
        "traceId": "00-914cddf34585cf2527567899edf9f640-4fa7d7aed5c16373-00"
    }
}

PreviousCore Capabilities NextNotifications

Last updated 1 year ago

hashtagAPI Authorization Documentation

hashtag1. Generate JWT Token

hashtagEndpoint:

hashtagDescription:

hashtagRequest Headers:

hashtagRequest Body:

hashtagResponse:

hashtagError Responses:

hashtag2. Refresh JWT Token

hashtagEndpoint:

hashtagDescription:

hashtagRequest Headers:

hashtagRequest Body:

hashtagResponse:

hashtagError Responses:

API Authorization Documentation

1. Generate JWT Token

Endpoint:

Description:

Request Headers:

Request Body:

Response:

Error Responses:

2. Refresh JWT Token

Endpoint:

Description:

Request Headers:

Request Body:

Response:

Error Responses: