Skip to end of metadata
Go to start of metadata

Authorization Service


Authorization Service


Authorizes a user and returns a token for further API calls
     Resource: authorize 

    URLhttps://api-stage.bimplus.net/v2/authorize

    JSON Structure

    Name

    Mandatory / Optional

    Type

    Description

    user_id

    mandatory

    string

    The email address of the user

    password

    mandatory

    string

    The user's password

    client_id

    optional

    string

    The identifier of the used client

    application_id

    mandatory

    string

    The id of the application

     See Details

    Application ID is mandatory on Bimplus API on Dev, Stage and Prod since 19.10.2017.
    To get your application id the contact Bimplus development team

    remember_me optional bool Option for saving the user's credentials
     POST
     Authorizes a user and returns a token for further API calls.

    Please, use the client_id from the request and regenerate the token (using the same API call with client_id as the additional parameter) for having the possibility to login multiple times at the same time. For more information, see here

    Response for the token validity is in seconds, means the token validity is 2 hours by default and remember me token 4 weeks resp. 28,9 days exactly.

    Headers
    Content-Type: application/json
    
    JSON
    {
     "user_id" : "test@bimplus.net",
     "password" : "test" ,
     "application_id" : "6C12345D9B0C4F3C23ABB5721D098F7B"
    }
    
    Status
    Status: 200 OK
    
    JSON
    {
    "access_token": "9c1874a62c974dcfa75e0132c423a088",
    "expires_in": 2591999,
    "client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
    "token_type": "BimPlus"
    }
    

    Get token information
       Resource: authorize

      URLhttps://api-stage.bimplus.net/v2/authorize 

       GET
       Get information about a specified token(if the specified token exists and not expired).
      Headers
      Content-Type: application/json
      
      Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
      Status
      Status: 200 OK
      
      JSON
      {
          "user_id": "b37b60d4-0f1b-4158-99c4-847254786517",
          "audience": "00000000-0000-0000-0000-000000000000",
          "expires_in": 2271650
      
      } 

      where,

      Name

      Type

      Description

      user_id

      string

      The unique user id to be used for any further API calls.

      expires_in

      string

      The remaining lifetime on the access token in seconds

      audience

      string

      In our case the id of the client (Mobile app, Browser …)

      Request a cross token
         Resource: cross-token

        URLhttps://api-stage.bimplus.net/v2/cross-token

         POST
         This service is basically used for requesting a disposable temporary token which will be used for authenticating against different clients. Based on the given authentication token the user is identified and a one time token is generated and returned.
        Headers
        Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
        Content-Type: application/json
        
        Status
        Status: 200 OK
        
        JSON
        {
        cross_token: "b392cee4d0044ef681fa911772668cf9"
        expires_in: 299
        token_type: "BimPlus"
        }
        

        where,

        Name

        Type

        Description

        cross_token

        string

        The temporary token which will be used for cross-authenticate

        expires_in

        string

        The remaining lifetime on the access token in seconds

        token_type

        string

        Type of the token which will be used as part of the header

        Cross Authenticate by using cross token
           Resource: cross-authorize

          URLhttps://api-stage.bimplus.net/v2/cross-authorize

          JSON Structure:

          Name

          Mandatory / Optional

          Type

          Description

          cross_token

          mandatory

          string

          The temporary token which will be used for cross-authenticate

          client_id

          optional

          string

          The identifier of the used client

          application_id

          mandatory string The id of the application





           POST
           Based on the one time cross token, the user will be identified and logged in to the given device/client. The one time cross token will be removed but the new token which will be generated as a result of this call be used in the header for the subsequent API calls.

          The team_id and project_id information can be provided as part of the call, if the user wants to work on or display(viewer) a particular team or an project.

          Headers
          Content-Type: application/json
          
          JSON
          {
          "cross_token": "b392cee4d0044ef681fa911772668cf9"
          }
          
          
          Status
          Status: 200 OK
          
          JSON
          {
          "access_token": "43796fab76d54d2c9cb9120fd7d79c9e",
          "expires_in": 2591999,
          "client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
          "token_type": "BimPlus"
          }
          

          Revoke / Expire the token
            Resource: authorize

            URLhttps://api-stage.bimplus.net/v2/authorize 

             DELETE
             The specified token will expire immediately.
            Headers
            Content-Type: application/json
            
            Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
            Status
            Status: 200 OK
            

            Authorize a user and get "remember me" token
               Resource: authorize 

              URLhttps://api-stage.bimplus.net/v2/authorize

              JSON Structure

              Name

              Mandatory / Optional

              Type

              Description

              user_id

              mandatory

              string

              The email address of the user

              password

              mandatory

              string

              The user's password

              client_id

              optional

              string

              The identifier of the used client

              application_id

              optional

              string

              The id of the application

              remember_me mandatory bool Set it to true
               POST
               Once the "remember_me" parameter is set to true, we will get 2 extra parameters in the json response (i.e remember_me_token & remember_me_expires_in) The remember_me_expires_in value will be set to 30 days. The client have to save the client_id & remember_me_token in their localStorage, cookie etc. So, for next authentication, they have to use this token as seen in the request json tab. By this way, if this set it is not necessary for the user to enter their credentials every time (i.e the credentials are not required to generate the auth token. Rather the remember_me_token will generate the auth token each time)
              Headers
              Content-Type: application/json
              
              JSON
              {
                  "user_id" : "test@bimplus.net",
                  "password" : "test",
                  "remember_me" : "true",
                  "application_id": "0106c8baad467c08e26f026852cb7525",
                  "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea"
              }
              
              Status
              Status: 200 OK
              
              JSON
              {
                  "access_token": "35eb2b5e94b54d5aafa6b6a7b6e8de01",
                  "expires_in": 28799,
                  "application_id": "0106c8baad467c08e26f026852cb7525",
                  "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea",
                  "remember_me": true,
                  "remember_me_token": "b930e0179baf4f919caeab28328190a3", 
                  "remember_me_expires_in" : 2591999 
              }
              
              Get "remember me" token

                Resource: authorize 

                URLhttps://api-stage.bimplus.net/v2/authorize

                JSON Structure

                 

                Name

                Mandatory / Optional

                Type

                Description

                remember_me mandatory bool Set it to true
                remember_me_token mandatory string The "remember me" token

                client_id

                mandatory

                string

                The identifier of the used client

                application_id

                optional

                string

                The id of the application

                 POST

                It is not necessary for the user to enter the credentials each time. Instead, do it only if required, together with requesting the "remember me" token, and than use this remember token to generate the authentication token each time.

                Headers
                Content-Type: application/json
                
                JSON
                {
                    "remember_me" : "true",
                    "remeber_me_token": "b930e0179baf4f919caeab28328190a3",
                    "application_id": "0106c8baad467c08e26f026852cb7525",
                    "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea",
                }
                
                Status
                Status: 200 OK
                
                JSON
                {
                    "access_token" : "e3a212b8f70e4b85b0ed826de7f775f6",
                    "expires_in" : 28799,
                    "application_id": "0106c8baad467c08e26f026852cb7525",
                    "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea",
                    "token_type": "BimPlus"
                }
                
                • No labels