-
Notifications
You must be signed in to change notification settings - Fork 0
Authorization
All API calls will be verified using the Tapp Secret along with the TappID, or a PageAccessToken. If you want to send the requests from the frontend, you have to use a PageAccessToken.
We recommend to use the basic authorization scheme using the tapp secret.
The secret required for the basic authorization in the backend can be found in the tapp administration.
When you're using requests as they are described in the reference section, you will have to build up the requests with an authorization header. This is the point where you are going to need the tapp secret.
The authorization header is build up like this
Authorization: Basic {TappId}:{Secret}
You have to replace {TappId} and {Secret} (including the brackets) with the tappId of the tappId the request was sent from and the secret that can be found in the tapp administration.
To get an PageAccessToken you have to run a POST (HTTP) request. You have to set the Content-Type to 'application/json' and add a Authorization header, with the following scheme
'Basic ' + Base64String(TappID:Tapp Secret)
The request-body has to contain a string-array of permissions for the requested AccessToken, named 'permissions'.
permissions = ['PublicInfo', 'UserInfo', 'DeviceInfo', 'SeeUAC', 'EditUAC', 'Push', 'Email'];
The request will return an JSON-Object, that contains an string-array named 'data'. The first item of the array is the PageAccessToken.
Here you can find code examples for creating the PageAccessToken in C#, Node.JS and PHP.
The current API version is v2.0 .
To use the chayns Backend API, you have to be registered in the Tobit.Software Partner Network (TSPN).
To register, please visit tobit.software/Partner.