Revision History
| Date | Version | Changes |
|---|---|---|
| 2014-09-17 | 1.01 | Error in service URL in table corrected and logout information added. |
| 2014-06-12 | 1.0 | Created |
All services requires the client to include a token, acquired from the authentication service, in the header of the request. The token will be valid for a limited period of time, but valid for all requests during that time interval.
Login
To authenticate with resources exposed by the API, it is required to sign in with the login service.
The authentication process is done in two steps.
- Authenticate a user and acquire a token called Ticket Granting Ticket (TGT).
- Call resource in context with the TGT.
Sample usage
curl -i -d "username=USERNAME&password=PASSWORD" https://login.boknett.no/v1/tickets HTTP/1.1 201 Created Date: Tue, 10 Jun 2014 16:23:42 GMT Server: Noelios-Restlet-Engine/1.1..1 Location: https://login.boknett.no/v1/tickets/TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no Accept-Ranges: bytes Boknett-TGT: TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no Content-Length: 0 Via: 1.1 login.boknett.no
Logout
For security reasons it is recommended (although not required) to logout when finished using the TGT. This is not necessary for TGTs that are expired.
| URL | https://login.boknett.no/v1/tickets/{TGT} | ||
| Method | DELETE | ||
| Returns | 200 | OK | |
| 400 | Bad Request | ||
| 405 | Method Not Allowed | ||
Sample usage
curl -X "DELETE" -i https://login.boknett.no/v1/tickets/TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no HTTP/1.1 200 OK Date: Tue, 10 Jun 2014 17:21:12 GMT Server: Noelios-Restlet-Engine/1.1..1 Accept-Ranges: bytes Content-Length: 0 Via: 1.1 login.boknett.no
Restrictions
| Restriction | Current value |
|---|---|
| Maximum age of Authorization token (TGT) | 2 hours |
Test environment
https://login.boknett.webbe.no/