Revision History
| Date | Version | Changes |
|---|---|---|
| 2014-09-17 | 1.01 | Error in service URL in table corrected and logout information added. |
| 2014-06-12 | 1.0 | Created |
All services requires the client to include a token, acquired from the authentication service, in the header of the request. The token will be valid for a limited period of time, but valid for all requests during that time interval. In a simplified way the process can be shown as follows:
Login
To authenticate with resources exposed by the API, it is required to sign in with the login service.
The authentication process is done in two steps.
- Authenticate a user and acquire a token called Ticket Granting Ticket (TGT).
- Call resource in context with the TGT.
Sample usage
curl -i -d "username=USERNAME&password=PASSWORD" https://login.boknett.no/v1/tickets HTTP/1.1 201 Created Date: Tue, 10 Jun 2014 16:23:42 GMT Server: Noelios-Restlet-Engine/1.1..1 Location: https://login.boknett.no/v1/tickets/TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no Accept-Ranges: bytes Boknett-TGT: TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no Content-Length: 0 Via: 1.1 login.boknett.no
Logout
For security reasons it is recommended (although not required) to logout when finished using the TGT. This is not necessary for TGTs that are expired.
| URL | https://login.boknett.no/v1/tickets/{TGT} | ||
| Method | DELETE | ||
| Returns | 200 | OK | |
| 400 | Bad Request | ||
| 405 | Method Not Allowed | ||
Sample usage
curl -X "DELETE" -i https://login.boknett.no/v1/tickets/TGT-152-leeshOABMDJE41s55z9WBLq7d7kk2ONUQozYHOF2FimxI5a9D9Z-login.boknett.no HTTP/1.1 200 OK Date: Tue, 10 Jun 2014 17:21:12 GMT Server: Noelios-Restlet-Engine/1.1..1 Accept-Ranges: bytes Content-Length: 0 Via: 1.1 login.boknett.no
Restrictions
| Restriction | Current value |
|---|---|
| Maximum age of Authorization token (TGT) | 2 hours |
Test environment
https://login.boknett.webbe.no/