How to get an API token and authorization in REST

This guide shows how to login to an application using REST and get an API token to authenticate yourself in the following requests.

Requisites

Obtaining the API token

To get the API token for a user, an HTTP POST request should be sent to the Token resource. In the post body, username and password are specified in JSON format, and the response body contains a token key with an actual API Token as value. The token should be used in an HTTP Authorization header while communicating with other resources.

It is necessary to get a token using a tool (a browser or any other application that can send http requests). Depending on the client that is used, there are different ways to send HTTP headers. In this example, we show how to use Postman to send HTTP requests.

A login request consists on the following structure:

http://{hostname}:{port}/comGpsGate/api/v.1/applications/{applicationid}/tokens

  • {hostname} is where your GpsGate Server is installed on.
  • {port} port number (the default port is 80).
  • {applicationid} is ID of the application you are trying to log in to.

You can find your application ID in Site Admin

mceclip0.png

Example

  • Server IP: 192.168.0.34
  • Port: 80
  • Application ID: 40

Using Postman tool, we'll make a request to the following URL

http://192.168.0.34:80/comGpsGate/api/v.1/applications/40/tokens where GpsGate is installed to the default port and the application Id 40.  

mceclip1.png

Authorize using the token

Using a 3rd party tool (Postman)

To send an authorization request to GpsGate REST API, you need to select the GET method with an authorization key (the token obtained previously), as shown in the image.

When the authorization is granted, the status code 200 should be returned by the system.

mceclip0.png

Using GpsGate GUI

The next step is performing the authorization using the token obtained in the steps above. The token should be sent in all communications with other resources.

The Authorize button below, is just a UI helper that adds the token to all the other requests.
If you only want to use postman you can add an HTTP header to your requests and it will also work.  

1. Login to http://host_name/comGpsGate/api/v.1/test 

Note: replace host_name with your actual server IP address or host name.

2. Click on the top-right button Authorize

mceclip1.png

3. Paste the token ID generated above and click in Authorize

mceclip2.png

You will get a confirmation message

 mceclip3.png