Token based authentication

Owned by Frank Timmerbeil
May 10, 2019
1 min read

https://dev.azeti.net/acp-service/swagger-ui.html#/authentication

Stateless authentication via JSON web token.

POST

/app/auth

BODY:

{ "password": "string", "username": "string" }

Result:


{"token":"string"}

(May return 401)


Use this token in the header of all following calls, with the key:  X-Authorization


The token expires in 15 minutes:

During that time frame get a new one, valid for the next 15 minutes calling:

GET:

/app/token

Result:


{"token":"string"}


Logging out:

Use

GET:

/app/logout

The backend uses this, to write the logout action into an auditlog.

The actual logout is done by the frontend by "forgetting" the token.