Versions Compared

Version Old Version 21 New Version 22
Changes made by

Sandesh Melkote Shivashankar

Garrick Lam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This document describes how client can obtain access token for authenticating a user to use Amino APIs.

...

  • A User can be authenticated by using our access token, client should first get the access token using our login end point. See Login and authentication#/User%20Authentication/loginUser
  • The client uses this API provided above to authenticate with the service and retrieve session parameters and access tokens used for authenticating with APIs. A logged in client may call this API to retrieve tokens without supplying the authorization parameters. 
  • All new AminoTV APIs only support token auth. Some users are logged in by cookie, for such cases access tokens can be obtained by cookie <-> token exchange process,  See https://confluence.aminocom.com/display/MAPI/Cookie-token+exchange for the exchange process. 

...


Code Block
{
  "data": [
    {
      "type": "AuthenticationTokens",
      "id": "9bc6871e-ce26-4b8a-96f6-e6688599d938",
      "attributes": {
        "login_timestamp": 1538126476,
        "user_id": 1234,
        "user_profile_id": "84eb61a9-75d4-42c7-8c15-84c3d7776227",
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBbWlub01vdmUiLCJpYXQiOjE1Mzc1MjIxNzQsImV4cCI6MTUzODEyNjk3OSwiYXVkIjoid3d3LmJvb3h0di5maSIsInN1YiI6ImV4YW1wbGVfdXNlckBlbWFpbGRvbWFpbi5jb20iLCJwcm9maWxlX2lkIjoiNmM3Zjk0YWYtYjYwMy00ZjM5LTgzODQtZjEyMjI2ZWE5ZDRjNmM3Zjk0YWYtYjYwMy00ZjM5LTgzODQtZjEyMjI2ZWE5ZDRjIiwidHlwZSI6ImFjY2VzcyIsInN0Yl9zZXJpYWxfbm8iOiI2MTU1MDAyNjYxNjIifQ.RW6NdDE_kGgkOVKqodeT1fDdxU7Slaf551rp5ctBcFc",
        "expires_at_timestamp": 1538126476,
        "refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBbWlub01vdmUiLCJpYXQiOjE1Mzc1MjIxNzQsImV4cCI6MTU0NTk4OTM3OSwiYXVkIjoid3d3LmJvb3h0di5maSIsInN1YiI6ImV4YW1wbGVfdXNlckBlbWFpbGRvbWFpbi5jb20iLCJ0eXBlIjoicmVmcmVzaCJ9.9Pxzv0oGxjZmAIpZiH-aiue7LwAMcddPPHnaiOkpb-A"
      }
    }
  ]
}

Access Token Usage:

The access token that are obtained from the above can be used to access all the new APIs and legacy APIs.

Renewing an access token:

Every endpoint that provides access token will also provide a refresh token, in order to renew the access token, use the following end point to renew the token User Authentication#/Account%20Authentication/createAccessToken 

Info
  • MUST use the refresh token obtained from the previous authentication.
  • Refresh token will have expiration time, if expired repeat steps from How to get Access Token block.


...