Request An API Key

Title

Authenticate a user and obtain an API key

URL Path

vault_rest/authenticate

Method

GET

CORS support

Yes

Http return

200, 400, 401, 403, 417, 500

Table of Contents

Last Updated

08 Oct 2019

Summary

This API allows a user to sign in and obtain an API key to use in subsequent API requests.

Use Cases (used by)

All clients accessing MetaDefender Vault REST must call this API first to obtain an API key.

HTTP header parameters

Name

Value

Required

Description

Example

Authorization

'Basic ' + Base64 encoded User name & password separated by a line break OR
'Basic ' + Base64 encoded pin code

REQUIRED

If authenticating with user name & password, remember to add the line break between user name and password.
For example:

user
password

Pin Code or User name & Password must be UTF-8 encoded before Base64 encoded.
Note: do not Base64 encode the word 'Basic ' at the beginning of the value

GET /vault_rest/authenticate HTTP/1.1
Host: localhost:8010
Authorization: Basic YWRtaW4NCmFkbWlu

Request Error

400

Bad Request

Invalid HTTP request

401

Invalid parameter

One or more parameters are invalid

403

Forbidden

Authentication credentials are incorrect

417

Expectation failed

Active Directory server is not reachable or is not operational

500

Internal Server Error

Server is temporarily unavailable

Response

Example of a successful request:

{
"expires": "2017-05-10T09:36:09.5479468Z",
"token": "rWx0PkJHv2G8C5FvvYCEqpj89SDct0",
"user_id": 1
}

Descriptions of response:

token

API key generated for this user

This API key should be used to authenticate any subsequent API requests

expires

Date and time of API expiration

The API key is guaranteed to be valid until this date + time, even if no subsequent calls are made
(except when the API key is canceled by Cancel Or Expire An API Key)

user_id

ID of the user associated with the API key

The database ID of the user