-
Notifications
You must be signed in to change notification settings - Fork 0
Schema Auth
Authorization is only required for write access and accessing sensitive data. Most of the API is wide open for GET access.
Authorization is managed using token model authentication. First you need to log in to retreive the auth tokens. then pass the tokens with each http request.
Still manually managed for now. Something will be arranged for this shortly. Accounts are available on request.
Example:
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X POST -d '{"email": "jenny@example.com", "password": "SECRET"}' http://ed-materializer-env.elasticbeanstalk.com/auth/sign_in
This will give you the necessary tokens in the header response.
The values you will need to send with requests are:
- uid (your account email)
- access_token
- client
When the session expires you will need to log in again.
After logging in and retrieving the tokens you can test your validation tokens with this GET url (subtituating the 3 params with your tokens):
Here is a sample POST request with auth headers are being passed along using the unix command curl
.
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -H "access_token: ACCESS_TOKEN_HERE" -H "client: CLIENT_NAME_HERE" -H "uid: ACCOUNT_EMAIL_HERE" -X POST -d '{"world_survey":{"system": "test", "commander": "test", "world": "A 1", "iron": "true"}}' http://ed-materializer-env.elasticbeanstalk.com/api/v2/world_surveys
Note: at this time of writing we're still on v1/world_surveys