4.1 Authorization Service

Authorization Service

Authorizes a user and returns a token for further API calls

Resource: authorize

URL: https://api-stage.bimplus.net/v2/authorize

JSON Structure:

Name	Mandatory / Optional	Type	Description
user_id	mandatory	string	The email address of the user
password	mandatory	string	The user's password
client_id	optional	string	The identifier of the used client
application_id	optional	string	The id of the application
remember_me	optional	bool	Option for saving the user's credentials

POST

Authorizes a user and returns a token for further API calls.

Please, use the client_id from the request and regenerate the token (using the same API call with client_id as the additional parameter) for having the possibility to login multiple times at the same time. For more information, see here

Headers

Content-Type: application/json

JSON

{
 "user_id" : "test@bimplus.net",
 "password" : "test"
}

Status

Status: 200 OK

JSON

{
"access_token": "9c1874a62c974dcfa75e0132c423a088",
"expires_in": 2591999,
"client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
"token_type": "BimPlus"
}

Get token information

Resource: authorize

URL: https://api-stage.bimplus.net/v2/authorize

GET

Get information about a specified token(if the specified token exists and not expired).

Headers

Content-Type: application/json

Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088

Status

Status: 200 OK

JSON

{
    "user_id": "b37b60d4-0f1b-4158-99c4-847254786517",
    "audience": "00000000-0000-0000-0000-000000000000",
    "expires_in": 2271650

}

where,

Name	Type	Description
user_id	string	The unique user id to be used for any further API calls.
expires_in	string	The remaining lifetime on the access token in seconds
audience	string	In our case the id of the client (Mobile app, Browser …)

Request a cross token

Resource: cross-token

URL: https://api-stage.bimplus.net/v2/cross-token

POST

This service is basically used for requesting a disposable temporary token which will be used for authenticating against different clients. Based on the given authentication token the user is identified and a one time token is generated and returned.

Headers

Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Content-Type: application/json

Status

Status: 200 OK

JSON

{
cross_token: "b392cee4d0044ef681fa911772668cf9"
expires_in: 299
token_type: "BimPlus"
}

where,

Name	Type	Description
cross_token	string	The temporary token which will be used for cross-authenticate
expires_in	string	The remaining lifetime on the access token in seconds
token_type	string	Type of the token which will be used as part of the header

Cross Authenticate by using cross token

Resource: cross-authorize

URL: https://api-stage.bimplus.net/v2/cross-authorize

JSON Structure:

Name	Mandatory / Optional	Type	Description
cross_token	mandatory	string	The temporary token which will be used for cross-authenticate
client_id	optional	string	The identifier of the used client
team_id	optional	string	The id of the team
project_id	optional	string	The id of the project
application_id	optional	string	The id of the application

POST

Based on the one time cross token, the user will be identified and logged in to the given device/client. The one time cross token will be removed but the new token which will be generated as a result of this call be used in the header for the subsequent API calls.

The team_id and project_id information can be provided as part of the call, if the user wants to work on or display(viewer) a particular team or an project.

Headers

Content-Type: application/json

JSON

{
"cross_token": "b392cee4d0044ef681fa911772668cf9"
}

Status

Status: 200 OK

JSON

{
"access_token": "43796fab76d54d2c9cb9120fd7d79c9e",
"expires_in": 2591999,
"client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
"token_type": "BimPlus"
}

Revoke / Expire the token

Resource: authorize

URL: https://api-stage.bimplus.net/v2/authorize

DELETE

The specified token will expire immediately.

Headers

Content-Type: application/json

Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088

Status

Status: 200 OK

How remember me works

Resource: authorize

URL: https://api-stage.bimplus.net/v2/authorize

JSON Structure:

Name	Mandatory / Optional	Type	Description
user_id	mandatory	string	The email address of the user
password	mandatory	string	The user's password
client_id	optional	string	The identifier of the used client
application_id	optional	string	The id of the application
remember_me	mandatory	bool	Set it to true

POST

Once the "remember_me" parameter is set to true, we will get 3 extra parameters in the json response (i.e remember_me_token)

Headers

Content-Type: application/json

JSON

{
 "user_id" : "test@bimplus.net",
 "password" : "test"
}

Status

Status: 200 OK

JSON

{
"access_token": "9c1874a62c974dcfa75e0132c423a088",
"expires_in": 2591999,
"client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
"token_type": "BimPlus"
}

Math Editor

Space shortcuts

Page tree

Authorization Service

Authorization Service

Authorizes a user and returns a token for further API calls

Get token information

Request a cross token

Cross Authenticate by using cross token

Revoke / Expire the token

How remember me works