Comment on page
Authentication
To get an access token, call
POST /api/authorize/auth/ with credentials (which you've got from us) containing the email and password needed in the request body. The host address should be the API address (the one you've also got from us).{
"credentials": {
"email": "{{user_email}}", // your login
"password": "{{user_password}}" // your password
}
}
The successful response will return a pair of tokens:
access_token and expire_token.access_token is a key that grants you access to system resources. To access a resource, you need to add your access_token to the header.
headers = {‘ X-Forensic-Access-Token’: <access_token>}access_token is time-limited, the limits depend on the account type.
- service accounts –
OZ_SESSION_LONGLIVE_TTL(5 years by default), - other accounts –
OZ_SESSION_TTL(15 minutes by default).
expire_token is the token you can use to renew your access token if necessary.
If the value of
expire_date > current date, the value of current sessionexpire_date is set to current date + time period that is defined as shown above (depending on the account type). To renew
access_token and expire_token, call POST /api/authorize/refresh/. Add expire_token to the request body and X-Forensic-Access-Token to the header. {
"expire_token": "{{expire_token}}"
}
In case of success, you'll receive a new pair of
access_token and expire_token. The "old" pair will be deleted upon the first authentication with the renewed tokens.Error code | Error message | What caused the error |
400 | Could not locate field for key_path expire_token from provided dict data | expire_token haven't been found in the request body |
401 | Session not found | The session with expire_token you have passed doesn't exist. |
403 | You have not access to refresh this session | A user who makes the request is not this expire_token session owner. |
Last modified 6mo ago