Skip to content
Greg Malcolm edited this page Feb 3, 2016 · 13 revisions

How does it work?

Authorization is only required for write access and accessing sensitive data. Most of the API is wide open for GET access.

Authorization is managed using token model authentication. First you need to log in to retreive the auth tokens. then pass the tokens with each http request.

Account Creation

Still manually managed for now. Something will be arranged for this shortly. Accounts are available on request.

Sign in

POST /auth/sign_in

Example:

curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X POST -d '{"email": "jenny@example.com", "password": "SECRET"}' http://ed-materializer-env.elasticbeanstalk.com/auth/sign_in

This will give you the necessary tokens in the header response.

The values you will need to send with requests are:

  • uid (your account email)
  • access_token
  • client

When the session expires you will need to log in again.

Sign in

POST /auth/sign_in

Validation test

After logging in and retrieving the tokens you can test your validation tokens with this GET url (subtituating the 3 params with your tokens):

http://ed-materializer-env.elasticbeanstalk.com/auth/validate_token/?uid=jenny@example.com&access-token=TOKEN_HERE&client=CLIENT_HERE

Sample request

Here is a sample POST request with auth headers are being passed along using the unix command curl.

curl -i -H "Accept: application/json" -H "Content-Type: application/json" -H "access_token: ACCESS_TOKEN_HERE" -H "client: CLIENT_NAME_HERE" -H "uid: ACCOUNT_EMAIL_HERE" -X POST -d '{"world_survey":{"system": "test", "commander": "test", "world": "A 1", "iron": "true"}}' http://ed-materializer-env.elasticbeanstalk.com/api/v2/world_surveys

Note: at this time of writing we're still on v1/world_surveys

Clone this wiki locally