Authorization Service
- Authorizes a user and returns a token for further API calls
- Get token information
- Request a cross token
- Cross authenticate by using cross token
- Revoke / Terminate the token
- Authorize a user and get "remember me" token
- Login with "remember me" token
Authorization Service
Authorizes a user and returns a token for further API calls
URL: https://api-stage.bimplus.net/v2/authorize
JSON Structure:
Name |
Mandatory / Optional |
Type |
Description |
---|---|---|---|
user_id |
mandatory |
string |
The email address of the user |
password |
mandatory |
string |
The user's password |
client_id |
optional |
string |
The identifier of the used client |
application_id |
mandatory |
string |
The id of the application |
remember_me | optional | bool | Option for saving the user's credentials |
Please, use the client_id from the request and regenerate the token (using the same API call with client_id as the additional parameter) for having the possibility to login multiple times at the same time. For more information, see here
Response for the token validity is in seconds, means the token validity is 2 hours by default and remember me token 4 weeks resp. 28,9 days exactly.
Content-Type: application/json
{ "user_id" : "test@bimplus.net", "password" : "test" , "application_id" : "6C12345D-9B0C-4F3C-23AB-B5721D098F7B" }
Status: 200 OK
{ "access_token": "9c1874a62c974dcfa75e0132c423a088", "expires_in": 2591999, "client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a", "token_type": "BimPlus" }
Get token information
URL: https://api-stage.bimplus.net/v2/authorize
Content-Type: application/json Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Status: 200 OK
{ "user_id": "b37b60d4-0f1b-4158-99c4-847254786517", "audience": "00000000-0000-0000-0000-000000000000", "expires_in": 2271650 }
where,
Name |
Type | Description |
---|---|---|
user_id |
string | The unique user id to be used for any further API calls. |
expires_in |
string | The remaining lifetime on the access token in seconds |
audience |
string | In our case the id of the client (Mobile app, Browser …) |
Request a cross token
URL: https://api-stage.bimplus.net/v2/cross-token
Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088 Content-Type: application/json
Status: 200 OK
{ cross_token: "b392cee4d0044ef681fa911772668cf9" expires_in: 299 token_type: "BimPlus" }
where,
Name |
Type |
Description |
---|---|---|
cross_token |
string |
The temporary token which will be used for cross-authenticate |
expires_in |
string |
The remaining lifetime on the access token in seconds |
token_type |
string |
Type of the token which will be used as part of the header |
Cross Authenticate by using cross token
URL: https://api-stage.bimplus.net/v2/cross-authorize
JSON Structure:
Name |
Mandatory / Optional |
Type |
Description |
---|---|---|---|
cross_token |
mandatory |
string |
The temporary token which will be used for cross-authenticate |
client_id |
optional |
string |
The identifier of the used client |
team_id |
optional |
string |
The id of the team |
project_id |
optional |
string |
The id of the project |
application_id |
optional |
string |
The id of the application |
The team_id and project_id information can be provided as part of the call, if the user wants to work on or display(viewer) a particular team or an project.
Content-Type: application/json
{ "cross_token": "b392cee4d0044ef681fa911772668cf9" }
Status: 200 OK
{ "access_token": "43796fab76d54d2c9cb9120fd7d79c9e", "expires_in": 2591999, "client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a", "token_type": "BimPlus" }
Revoke / Expire the token
URL: https://api-stage.bimplus.net/v2/authorize
Content-Type: application/json Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Status: 200 OK
Authorize a user and get "remember me" token
URL: https://api-stage.bimplus.net/v2/authorize
JSON Structure:
Name |
Mandatory / Optional |
Type |
Description |
---|---|---|---|
user_id |
mandatory |
string |
The email address of the user |
password |
mandatory |
string |
The user's password |
client_id |
optional |
string |
The identifier of the used client |
application_id |
optional |
string |
The id of the application |
remember_me | mandatory | bool | Set it to true |
Content-Type: application/json
{ "user_id" : "test@bimplus.net", "password" : "test", "remember_me" : "true", "application_id": "0106c8baad467c08e26f026852cb7525", "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea" }
Status: 200 OK
{ "access_token": "35eb2b5e94b54d5aafa6b6a7b6e8de01", "expires_in": 28799, "application_id": "0106c8baad467c08e26f026852cb7525", "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea", "remember_me": true, "remember_me_token": "b930e0179baf4f919caeab28328190a3", "remember_me_expires_in" : 2591999 }
Get "remember me" token
Resource: authorize
URL: https://api-stage.bimplus.net/v2/authorize
JSON Structure:
Name |
Mandatory / Optional |
Type |
Description |
---|---|---|---|
remember_me | mandatory | bool | Set it to true |
remember_me_token | mandatory | string | The "remember me" token |
client_id |
mandatory |
string |
The identifier of the used client |
application_id |
optional |
string |
The id of the application |
POST
It is not necessary for the user to enter the credentials each time. Instead, do it only if required, together with requesting the "remember me" token, and than use this remember token to generate the authentication token each time.
Content-Type: application/json
{ "remember_me" : "true", "remeber_me_token": "b930e0179baf4f919caeab28328190a3", "application_id": "0106c8baad467c08e26f026852cb7525", "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea", }
Status: 200 OK
{ "access_token" : "e3a212b8f70e4b85b0ed826de7f775f6", "expires_in" : 28799, "application_id": "0106c8baad467c08e26f026852cb7525", "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea", "token_type": "BimPlus" }