Load token
Some API-routes need authentication before they accept and return your data. On successful login, an access_token is returned. This token is valid for 14 days, so it could be cached:
POST
curl
--location 'https://<cambuildr-url>/oauth/login ' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{ "username": "[email protected]", "password": "*****" }'
----- Response:
{
"access_token": "...",
"expires_in": 1209600
}
This created token has to be sent as Bearer-Token in the Authorization-Header for subsequent API calls:
β
Authorization => Bearer {token}
Refresh Token
On successful login a refresh_token is returned per Set-Cookie Header. This token can be used to renew the Access Token. Therefore the refresh token has to be sent per cookie refresh_token to the route
POST <cambuildr-url>/oauth/refresh
geschickt werden.