Authentication |
Back Top Previous Next |
The API is based on OAuth authentication.
At the time of writing, the only authentication grant supported is client credentials. A scope of view can be specified.
If this is the only scope specified, a licence count is not required, however, no modifications to Jim2 objects will be allowed.
The refresh token has an expiry time of 20 minutes, and can be extended by requesting a new access token.
Token endpoint
Path: token
Example C# OAuth client_credentials call:
WebRequest req = WebRequest.Create( "http://localhost:80/Jim_Test/token" ); req.Method = "POST";
// the user:password string for HTTP Basic authorisation // - user is the OAuth clientid (configured in the client id to use initial mapping) // - password is the OAuth secret (the secret is the configured user cardfile's password) string sTemp = "TestClientId:password"; string sEncoded; using (System.IO.MemoryStream ms = new System.IO.MemoryStream()) { System.IO.StreamWriter writer = new System.IO.StreamWriter( ms ); writer.Write( sTemp ); writer.Flush(); sEncoded = System.Convert.ToBase64String( ms.ToArray() ); } req.Headers.Add( "Authorization", "Basic " + sEncoded );
// the OAuth client credentials grant requires a form encoded request // NB: you can specify the client_id and client_secret in the form body as an alternative // to using the HTTP Authorization header as per above req.ContentType = "application/x-www-form-urlencoded";
using (var str = req.GetRequestStream()) { using (var writer = new System.IO.StreamWriter( str )) { writer.Write( "grant_type=client_credentials" ); // per comments above, readonly and no licence count taken writer.Write( "&scope=view" ); } }
var resp = req.GetResponse(); using (var strResp = resp.GetResponseStream()) { using (var reader = new System.IO.StreamReader( strResp )) { string sResponse = reader.ReadToEnd(); // parse the tokens from the JSON response RecvAccessToken rat = Newtonsoft.Json.JsonConvert.DeserializeObject( sResponse ); sAccessToken = rat.access_token; sRefreshToken = rat.refresh_token; }
Further information Jim2WebAPIGetData System Table JimScriptUrlHandler System Table |