Web API: Token: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
Token operation is used to login a user, either using username and password, or as part of the [[SAML_2.0_Federated_Authentication|SAML 2.0 authentication]]. The '''access token''' is returned as a response, which is used to identify the session in the subsequent Web API operations. | |||
<pre> | <pre> | ||
Url: POST /token | Url: POST /token | ||
Content-Type: application/x-www-form-urlencoded | Content-Type: application/x-www-form-urlencoded | ||
Body: | Body (as form data with username, password and grant_type): | ||
username=myUserName&password=myPassword&grant_type=password | username=myUserName&password=myPassword&grant_type=password | ||
</pre> | </pre> | ||
Note that the path doesn't contain | Note that the path doesn't contain ''api'', unlike other operations in the Web API. Example url: | ||
<pre> | <pre> | ||
https://customer.onqpr.com/qprpa/token | https://customer.onqpr.com/qprpa/token | ||
</pre> | |||
When using SAML 2.0 authentication the url contain the ''samlHash'' parameter (which has been received earlier using the [[Web_API:_Samlsignin|samlsignin]]): | |||
<pre> | |||
Url: POST /token?samlHash=<samlhash> | |||
</pre> | </pre> | ||
Request body contains the following parameters as url encoded: | Request body contains the following parameters as url encoded: | ||
* '''username''': Login name of the user | * '''username''': Login name of the user | ||
* '''password''': User password | * '''password''': User password (empty when using SAML 2.0 authentication) | ||
* '''grant_type''': | * '''grant_type''': use always "password" | ||
The response is an object with following fields: | The response is an object with following fields: | ||
Line 22: | Line 27: | ||
* '''globalPermissions''': [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Mapping_Roles_and_Permissions|Global permissions]] of the user as comma separated list. | * '''globalPermissions''': [[Roles_and_Permissions_in_QPR_ProcessAnalyzer#Mapping_Roles_and_Permissions|Global permissions]] of the user as comma separated list. | ||
* '''serverVersion''': Version of the QPR ProcessAnalyzer server. | * '''serverVersion''': Version of the QPR ProcessAnalyzer server. | ||
* '''token_type''': always | * '''token_type''': contains always "bearer" | ||
* '''userSettings''': All user-specific settings in stringified JSON format. Contains the following settings: | * '''userSettings''': All user-specific settings in stringified JSON format. Contains the following settings: | ||
** '''uiLanguage''': UI language of the user. | ** '''uiLanguage''': UI language of the user. |
Revision as of 17:21, 5 October 2021
Token operation is used to login a user, either using username and password, or as part of the SAML 2.0 authentication. The access token is returned as a response, which is used to identify the session in the subsequent Web API operations.
Url: POST /token Content-Type: application/x-www-form-urlencoded Body (as form data with username, password and grant_type): username=myUserName&password=myPassword&grant_type=password
Note that the path doesn't contain api, unlike other operations in the Web API. Example url:
https://customer.onqpr.com/qprpa/token
When using SAML 2.0 authentication the url contain the samlHash parameter (which has been received earlier using the samlsignin):
Url: POST /token?samlHash=<samlhash>
Request body contains the following parameters as url encoded:
- username: Login name of the user
- password: User password (empty when using SAML 2.0 authentication)
- grant_type: use always "password"
The response is an object with following fields:
- access_token: contains the access token (session id).
- globalPermissions: Global permissions of the user as comma separated list.
- serverVersion: Version of the QPR ProcessAnalyzer server.
- token_type: contains always "bearer"
- userSettings: All user-specific settings in stringified JSON format. Contains the following settings:
- uiLanguage: UI language of the user.
- dateFormat: The date time format used to present dates.
- firstDayOfWeek: The first day of the week shown in e.g. calendars. 0 is Sunday and 1 is Monday.
- use12HourClock: Whether the 12-hour clock is used when presenting time information.