Request An Authentication Token

Title

Authenticate a user and obtain an authentication token

URL Path

vault_rest/authenticate

Method

GET

CORS support

Yes

Http return

200, 400, 401, 403, 409, 500

Table of Contents

Last Updated

08 May 2017

Summary

This API allows a user to sign in and obtain an authentication token to use in concurrent REST calls.

Use Cases (used by)

All clients accessing MetaDefender Vault REST must call this method first to obtain an authentication token.

HTTP header parameters

Name

Value

Required

Description

Example

Authorization

'Basic ' + Base64 encoded User name & password separated by a line break OR
'Basic ' + Base64 encoded pin code

REQUIRED

If authenticating with user name & password, remember to add the line break between user name and password.
For example:

user
password

Pin Code or User name & Password must be UTF-8 encoded before Base64 encoded.
Note: do not Base64 encode the word 'Basic ' at the beginning of the value

GET /vault_rest/authenticate HTTP/1.1
Host: localhost:8000
Authorization: Basic YWRtaW4NCmFkbWlu

Request Error

400

Bad Request

Invalid HTTP request

401

Invalid parameter

One or more parameters are invalid

403

Forbidden

Authentication credentials incorrect

409

Conflict

User has been synchronized with Active Directory but has attempted to log in with 'old' password)

417

Expectation failed

User has been synchronized with Active Directory but server is not reachable or is not operational.

500

Internal Server Error

Server is temporarily unavailable

Response

Example of a successful request:

{
"expires": "2017-05-10T09:36:09.5479468Z",
"token": "rWx0PkJHv2G8C5FvvYCEqpj89SDct0",
"user_id": 1
}

Descriptions of response:

token

Authentication token for user

This token should be used to authenticate any subsequent REST calls

expires

Date and time of token expiry

The token is guaranteed to be valid until this date + time, even if no subsequent calls are made (except when the token is canceled by Cancel Or Expire An Authentication Token)

user_id

Id of the user associated with the token

The database id of the user