Versions Compared

Version Old Version 22 New Version 23
Changes made by

Garrick Lam

Sandesh Melkote Shivashankar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This document describes how client can obtain access token for authenticating a user to use Amino APIs.

...

  • A User can be authenticated by using our access token, client should first get the access token using our login end point. See Login and authentication#/User%20Authentication/loginUser
  • The client uses this API provided above to authenticate with the service and retrieve session parameters and access tokens used for authenticating with APIs. A logged in client may call this API to retrieve tokens without supplying the authorization parameters. 
  • All new AminoTV APIs only support token auth. Some users are logged in by cookie, for such cases access tokens can be obtained by cookie <-> token exchange process,  See https://confluence.aminocom.com/display/MAPI/Cookie-token+exchange for the exchange process. 

...


Code Block
{
  "data": [
    {
      "type": "AuthenticationTokens",
      "id": "9bc6871e-ce26-4b8a-96f6-e6688599d938",
      "attributes": {
        "login_timestamp": 1538126476,
        "user_id": 1234,
        "user_profile_id": "84eb61a9-75d4-42c7-8c15-84c3d7776227",
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBbWlub01vdmUiLCJpYXQiOjE1Mzc1MjIxNzQsImV4cCI6MTUzODEyNjk3OSwiYXVkIjoid3d3LmJvb3h0di5maSIsInN1YiI6ImV4YW1wbGVfdXNlckBlbWFpbGRvbWFpbi5jb20iLCJwcm9maWxlX2lkIjoiNmM3Zjk0YWYtYjYwMy00ZjM5LTgzODQtZjEyMjI2ZWE5ZDRjNmM3Zjk0YWYtYjYwMy00ZjM5LTgzODQtZjEyMjI2ZWE5ZDRjIiwidHlwZSI6ImFjY2VzcyIsInN0Yl9zZXJpYWxfbm8iOiI2MTU1MDAyNjYxNjIifQ.RW6NdDE_kGgkOVKqodeT1fDdxU7Slaf551rp5ctBcFc",
        "expires_at_timestamp": 1538126476,
        "refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBbWlub01vdmUiLCJpYXQiOjE1Mzc1MjIxNzQsImV4cCI6MTU0NTk4OTM3OSwiYXVkIjoid3d3LmJvb3h0di5maSIsInN1YiI6ImV4YW1wbGVfdXNlckBlbWFpbGRvbWFpbi5jb20iLCJ0eXBlIjoicmVmcmVzaCJ9.9Pxzv0oGxjZmAIpZiH-aiue7LwAMcddPPHnaiOkpb-A"
      }
    }
  ]
}

Access Token Usage:

Clients are expected to provide the token in the "Authorization" header, for example:

Code Block
GET /channels/{channel_id}/relationships/streams HTTP/1.1
Host: customer.domain:443
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBbWlub1RWIEFQSSIsImlhdCI6MTUzMTgzNDI0MSwiZXhwIjoxNTYzMzcwMjQxLCJhdWQiOiJ3d3cuYW1pbm9jb20uY29tIiwic3ViIjoiYW5keS5iZWFrQGFtaW5vY29tLmNvbSJ9.BL5bRDANTPJqTSiPdUWKN3xSEJTqdVoDuwqrYSaW1xY
cache-control: no-cache

The access token that are obtained from the above can be used to access all the new APIs and legacy APIs.

Info

We recommend that the client does not rely on any claims in the token as these may change without notice.

Renewing an access token:

Every endpoint that provides access token will also provide a refresh token, in order to renew the access token, use the following end point to renew the token User Authentication#/Account%20Authentication/createAccessToken 

Info
  • MUST use the refresh token obtained from the previous authentication.
  • Refresh token will have expiration time, if expired repeat steps from How to get Access Token block.


...