Authorization Service

Authorization Service

Authorizes a user and returns a token for further API calls
 Resource: authorize 

URLhttps://api-stage.bimplus.net/v2/authorize

JSON Structure

Name

Mandatory / Optional

Type

Description

user_id

mandatory

string

The email address of the user

password

mandatory

string

The user's password

client_id

optional

string

The identifier of the used client

application_id

optional

string

The id of the application

remember_meoptionalboolOption for saving the user's credentials
 POST
 Authorizes a user and returns a token for further API calls.

Please, use the client_id from the request and regenerate the token (using the same API call with client_id as the additional parameter) for having the possibility to login multiple times at the same time. For more information, see here

Content-Type: application/json

{
 "user_id" : "test@bimplus.net",
 "password" : "test"
}

Status: 200 OK

{
"access_token": "9c1874a62c974dcfa75e0132c423a088",
"expires_in": 2591999,
"client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
"token_type": "BimPlus"
}

Get token information
 Resource: authorize

URLhttps://api-stage.bimplus.net/v2/authorize 

 GET
 Get information about a specified token(if the specified token exists and not expired).
Content-Type: application/json

Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Status: 200 OK

{
    "user_id": "b37b60d4-0f1b-4158-99c4-847254786517",
    "audience": "00000000-0000-0000-0000-000000000000",
    "expires_in": 2271650

} 

where,

Name

Type

Description

user_id

string

The unique user id to be used for any further API calls.

expires_in

string

The remaining lifetime on the access token in seconds

audience

string

In our case the id of the client (Mobile app, Browser …)

Request a cross token
 Resource: cross-token

URLhttps://api-stage.bimplus.net/v2/cross-token

 POST
 This service is basically used for requesting a disposable temporary token which will be used for authenticating against different clients. Based on the given authentication token the user is identified and a one time token is generated and returned.
Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Content-Type: application/json

Status: 200 OK

{
cross_token: "b392cee4d0044ef681fa911772668cf9"
expires_in: 299
token_type: "BimPlus"
}

where,

Name

Type

Description

cross_token

string

The temporary token which will be used for cross-authenticate

expires_in

string

The remaining lifetime on the access token in seconds

token_type

string

Type of the token which will be used as part of the header

Cross Authenticate by using cross token
 Resource: cross-authorize

URLhttps://api-stage.bimplus.net/v2/cross-authorize

JSON Structure:

Name

Mandatory / Optional

Type

Description

cross_token

mandatory

string

The temporary token which will be used for cross-authenticate

client_id

optional

string

The identifier of the used client

team_id

optional

string

The id of the team

project_id

optional

string

The id of the project

application_id

optional

string

The id of the application

 POST
 Based on the one time cross token, the user will be identified and logged in to the given device/client. The one time cross token will be removed but the new token which will be generated as a result of this call be used in the header for the subsequent API calls.

The team_id and project_id information can be provided as part of the call, if the user wants to work on or display(viewer) a particular team or an project.

Content-Type: application/json

{
"cross_token": "b392cee4d0044ef681fa911772668cf9"
}


Status: 200 OK

{
"access_token": "43796fab76d54d2c9cb9120fd7d79c9e",
"expires_in": 2591999,
"client_id": "9fd0bb9d-570b-4719-bfae-93e2f879c19a",
"token_type": "BimPlus"
}

Revoke / Expire the token
Resource: authorize

URLhttps://api-stage.bimplus.net/v2/authorize 

 DELETE
 The specified token will expire immediately.
Content-Type: application/json

Authorization: BimPlus 9c1874a62c974dcfa75e0132c423a088
Status: 200 OK

How remember me works
 Resource: authorize 

URLhttps://api-stage.bimplus.net/v2/authorize

JSON Structure

Name

Mandatory / Optional

Type

Description

user_id

mandatory

string

The email address of the user

password

mandatory

string

The user's password

client_id

optional

string

The identifier of the used client

application_id

optional

string

The id of the application

remember_memandatoryboolSet it to true
 POST
 Once the "remember_me" parameter is set to true, we will get 2 extra parameters in the json response (i.e remember_me_token & remember_me_expires_in) The remember_me_expires_in value will be set to 30 days. The client have to save the client_id & remember_me_token in their localStorage, cookie etc. So, for next authentication, they have to use this token as seen in the request json tab. By this way, if this set it is not necessary for the user to enter their credentials every time (i.e the credentials are not required to generate the auth token. Rather the remember_me_token will generate the auth token each time)
Content-Type: application/json

{
    "remember_me_token": "b930e0179baf4f919caeab28328190a3",
    "remember_me": true,
    "application_id": "0106c8baad467c08e26f026852cb7525",
    "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea"
}

Status: 200 OK

{
    "access_token": "d953334fcfe748be9d87e2461f7f3af6",
    "expires_in": 7200,
    "client_id": "0864b512-1776-4a55-8ee5-2b19d7d9b7ea",
    "token_type": "BimPlus"
}