

Overview

This article walks you through obtaining an authentication token in VIDIZMO using REST APIs. For more details, see: REST API Reference Guide - Authentication.


Acquire Access Token

Following is an example of how a bearer token can be obtained as well as the flow diagram: 




Request Method: POST


Request URL: /api/v1/user/authenticate

https://{{your-domain}}/api/v1/user/authenticate


Request Body: 
{
    "emailAddress": "john.doe@gmail.com",
    "password": "examplepassword"
}


Response Status Code:

200


Response Body:

"N2UCSNDDGI4NND5NMBZLV7ZBV2I3BZLUWQFXF6MGZKXTOCLHPH2SLPR2TMPM54M7CTG4DLFNE5KHSZ4LARTLQVRRCCRFAGVAG242M5RB3S5D4TEXKTSH4AHNMLTB3IF5IZYI4XSHRDDF2YFPLYAEMQL3Y3BKGZHCSDC2T2DQY64RC5Q3R5CQ" 



Once a bearer token is obtained, it can be passed in the header of each HTTP request to the VIDIZMO API when requesting further information.

The authorization flow works as follows. After the VIDIZMO application receives the authentication token, it verifies whether the user to whom the token belongs is authorized to perform the action in the request. If the user is allowed to perform the action, the call is executed successfully; otherwise an exception is thrown for unauthorized access.



When you send an HTTP request with an invalid access token in the request header, the following is received:


Response Status Code:

400


Response Body: 

{ 
    "name": "InvalidAccessTokenException", 
    "incidentId": "167c0274-515e-4f16-a309-449c9573e9c6", 
    "exceptionDetails": [] 
}


What happens when a token expires

A bearer token that has been generated can expire in two cases:

  1. When a user logs out via the {{your-domain}}/api/v1/user/logout API.
  2. When a user is automatically logged out after a few minutes of inactivity (the default login timeout is 20 minutes, which can be changed).

 

VIDIZMO APIs will not be able to perform the action that is requested when a token has expired. 


Following is an example of a scenario when a bearer token has expired: 


Request Method: GET 


Request URL:  /api/v1/user/{emailAddress}

https://{{your-domain}}/api/v1/user/esther.fray%40gmail.com?userPartsToFetch=BasicInfo


Request Header: 

Authorization: Bearer <your-bearer-token>
Content-Type: application/json


Response Status Code:

400


Response Body:  

{
    "name": "ExpiredAccessTokenException",
    "incidentId": "332d7070-78b3-4730-b76f-7a5adafeab31",
    "exceptionDetails": []
}


Refresh Access Token

Once a token expires, you will have to refresh it in order to obtain a new valid token for authentication. Here is how you can do that:


Request Method:  POST


Request URL: /api/v1/user/refresh-access-token  

https://{{your-domain}}/api/v1/user/refresh-access-token/


Response Status Code:

200


Response Body:

<refreshed bearer token>
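
The acquire, use, expire and refresh steps above, combined in one client as an added example (not VIDIZMO's own code). The class name VidizmoSession and its helper names are hypothetical, and two things are assumed because this page does not state them: that the refresh call carries the expired token in the Authorization header, and that both token responses are JSON strings.

```python
import json
import urllib.error
import urllib.request

def http_send(method, url, headers, body=None):
    """Default transport: returns (status, parsed JSON body)."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read())
    except urllib.error.HTTPError as err:  # 400 replies carry the exception JSON
        return err.code, json.loads(err.read())

class VidizmoSession:
    """Hypothetical wrapper: holds the bearer token and renews it when it expires."""

    def __init__(self, base_url, email, password, send=http_send):
        self.base, self.email, self.password = base_url.rstrip("/"), email, password
        self.send, self.token = send, None

    def _headers(self):
        return {"Authorization": "Bearer " + self.token,
                "Content-Type": "application/json"}

    def _new_token(self, path, headers, body=None):
        status, token = self.send("POST", self.base + path, headers, body)
        if status != 200 or not isinstance(token, str):
            raise PermissionError("could not obtain a token from " + path)
        self.token = token  # never write this value to logs

    def authenticate(self):
        self._new_token("/api/v1/user/authenticate", {"Content-Type": "application/json"},
                        {"emailAddress": self.email, "password": self.password})

    def request(self, method, path):
        if self.token is None:
            self.authenticate()
        status, body = self.send(method, self.base + path, self._headers(), None)
        name = body.get("name") if status == 400 and isinstance(body, dict) else None
        if name == "ExpiredAccessTokenException":
            # Assumption: the refresh call carries the expired token as Bearer.
            self._new_token("/api/v1/user/refresh-access-token", self._headers())
            status, body = self.send(method, self.base + path, self._headers(), None)  # one retry only
        elif name == "InvalidAccessTokenException":
            self.token = None  # discard it; the incidentId can be logged, the token cannot
            raise PermissionError("token rejected, incidentId=" + body["incidentId"])
        return status, body
```

Both failure cases return status 400, so the client has to branch on the "name" field of the response body rather than on the status code alone.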

