Authentication and Access APIs
POST /oauth/token
Description
Access to Insights APIs is controlled by an API key/token, which the user's automation code uses to authenticate. Once the API key is generated, it remains valid and can be used multiple times.
The Authentication API generates an API key/token for further authentication, based on the provided username and password.
Body Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
grant_type | The type of the input parameters | String | Yes | password |
username | Login account name | String | Yes | |
password | Login account password | String | Yes | |
client_id | The client ID for authentication | String | Yes | fixstreamapp |
client_secret | The client secret for authentication | String | Yes | fixstream |
scope | The access scope of the token | String | No | read write trust |
CURL Example
The code snippet below shows an example of the API call, where <NCE-IP>, <PASSWORD>, and <USERNAME> are variables.
curl --location 'https://<NCE-IP>/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'password=<PASSWORD>' \
--data-urlencode 'username=<USERNAME>@resolve.io' \
--data-urlencode 'client_id=fixstreamapp' \
--data-urlencode 'client_secret=fixstream' \
--data-urlencode 'scope=read write trust'
Response
Upon a successful request, the API returns Status code 200 with the following body:
Name | Description | Type |
---|---|---|
access_token | The API token needed for further authentication | String |
token_type | The token type. By default, it's "bearer" | String |
refresh_token | The API token needed for authentication refresh | String |
expires_in | Number of seconds until the token expires. After that, use the refresh token | Integer |
scope | Access scope of the token. By default, it's "read, write, trust" | String |
user | Details about the authenticated user | Object |
jti | Unique identifier for the generated API key/token | String |
GET /api/v2/users/loggedIn/detail
Description
Get details of the authorized user including name, last login time, organizations, and sites with their corresponding access privileges.
Header Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
Authorization | Bearer API token/key. The format is Bearer <API_key> | String | Yes | |
CURL Example
The code snippet below shows an example of the API call, where <NCE-IP> and <API-TOKEN> are variables.
curl --location 'https://<NCE-IP>/api/v2/users/loggedIn/detail' \
--header 'Authorization: Bearer <API-TOKEN>'
Response
Upon a successful request, the API returns Status code 200 with the following body:
Name | Description | Type |
---|---|---|
name | User's display name | String |
firstName | User's first name | String |
lastName | User's last name | String |
middleName | User's middle name | String |
User's email address | String | |
emailAddress | String | |
phone | User's phone | String |
password | Not in use. User's password hash | String |
createdBy | Username that created this user | String |
lastUpdatedBy | Username that updated this user | String |
userType | User's type | String |
authenticationType | Authentication type | String |
defaultOrg | User's default organization. The format is defaultOrgId:OrgName | String |
defaultSite | User's default site. The format is "defaultOrgId:OrgName":"SiteId:SiteName" | List |
lastUserUpdateTime | Last time when the record was updated. The format is timeyyyy-MM-ddThh:mm:ss.tttZ | String |
lastLoginTime | Last time when the user was logged in. The format is timeyyyy-MM-ddThh:mm:ss.tttZ | String |
group | User's access group | String |
orgPrivilegeMap | Access schema for the assigned group. It contains a list of organizations, sites, roles, and privileges per each set | Object |
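
The two calls above as a Python client, added here as an example and not taken from the product's own code: it tracks `expires_in` as an absolute deadline and drops the `password` hash field from the user record before it can reach logs. It assumes both response bodies are JSON with the field names from the tables above; the function names, the 30-second `skew`, and the sample body are constructed for illustration.

```python
import json
import time
import urllib.parse
import urllib.request

def build_token_request(host, username, password,
                        client_id="fixstreamapp", client_secret="fixstream"):
    """Build POST /oauth/token; the client defaults are the ones on this page."""
    form = {"grant_type": "password", "username": username, "password": password,
            "client_id": client_id, "client_secret": client_secret,
            "scope": "read write trust"}
    return urllib.request.Request(
        f"https://{host}/oauth/token", method="POST",
        data=urllib.parse.urlencode(form).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"})

def parse_token(body, now=None):
    """Keep the token fields and turn expires_in into an absolute deadline."""
    doc = json.loads(body)
    now = time.time() if now is None else now
    return {"access_token": doc["access_token"],
            "refresh_token": doc.get("refresh_token"),
            "expires_at": now + int(doc["expires_in"])}

def is_expired(token, now=None, skew=30):
    """True once the token is within `skew` seconds of its deadline."""
    now = time.time() if now is None else now
    return now >= token["expires_at"] - skew

def build_detail_request(host, token):
    """Build GET /api/v2/users/loggedIn/detail with the Bearer header."""
    return urllib.request.Request(
        f"https://{host}/api/v2/users/loggedIn/detail",
        headers={"Authorization": f"Bearer {token['access_token']}"})

def redact_user_detail(detail):
    """Drop the password-hash field before the record is logged or stored."""
    return {k: v for k, v in detail.items() if k != "password"}

def fetch_user_detail(host, username, password):
    """Run both calls against a live host and return the redacted user record."""
    with urllib.request.urlopen(build_token_request(host, username, password)) as r:
        token = parse_token(r.read())
    with urllib.request.urlopen(build_detail_request(host, token)) as r:
        return redact_user_detail(json.loads(r.read()))

# Constructed sample response body (field names from the Response table).
SAMPLE_TOKEN_BODY = ('{"access_token": "sample-access", "token_type": "bearer", '
                     '"refresh_token": "sample-refresh", "expires_in": 3600}')
```

Only `fetch_user_detail` needs a reachable host; the other functions can be exercised offline with `SAMPLE_TOKEN_BODY`.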