Versions Compared

Old Version 17

changes.mady.by.user Ketil Stadskleiv

Saved on

compared with

New Version 18

changes.mady.by.user Ketil Stadskleiv

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

All services requires the client to include a token, acquired from the authentication service. The token will be valid for a limited period of time, but valid for all requests during that time interval. So this is done in two steps:

  1. Authenticate a user and acquire a token called Ticket Granting Ticket (TGT).
  2. Call resource in context with the TGT (re-usable as long as TGT is valid).

In a simplified way the process can be shown as follows:

Login

To authenticate with resources exposed by the API, it is required to sign in with the login service.
The authentication process is done in two steps.

...

This service is called to retrieve a valid TGT token.


URLhttps://login.boknett.no/v1/tickets
MethodPOST
Request
parameters		usernameRequiredUsername for whom to sign in as.
passwordRequiredPassword for whom to sign in as.
Response
headers

Location

URL to logout service (Per 18.9.2014: This URL currently has a bug returning http instead of https, so it cannot be used directly. This will be fixed in next release)

Boknett-TGT

TGT returned from login service
Returns201Created
400Bad Request
405Method Not Allowed

...