Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
protogrid:json_api_authentication [2022-02-21 23:35] – [/api/v2/authenticate] dru | protogrid:json_api_authentication [2024-04-20 19:24] – dru | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== JSON API Authentication ====== | ====== JSON API Authentication ====== | ||
+ | All HTTP requests to the Protogrid JSON API require a valid authentication. If the authentication fails an HTTP error 403 will be returned. | ||
- | All HTTP requests to the Protogrid JSON API require a valid authentication. If the authentication fails, an HTTP error 403 will be returned. Currently, the following variants are available for authentication: | + | The following variants are available for authentication |
- | * Header | + | * Header |
- | * [[https:// | + | * [[https:// |
- | * Cookie | + | * Cookie |
- | Note: Both the email address (e.g. " | + | Note: Both the email address (e.g. " |
- | ==== / | + | |
+ | ===== Cross-Origin Resource Sharing (CORS) ===== | ||
+ | If you want to call the JSON API from the web client of another application or website, i.e. from a domain other than the Protogrid environment, | ||
+ | |||
+ | Please note that for security reasons, authentication using cookies is not possible in this context, i.e. each individual request must be called with either basic or header authentication. | ||
+ | |||
+ | ===== / | ||
[POST] In order to obtain a session cookie you can use the authentication endpoint. | [POST] In order to obtain a session cookie you can use the authentication endpoint. | ||
- | === Examples === | + | Note: For this endpoint, in addition to the three variants above, the credentials can also be passed as " |
+ | <code javascript> | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | ===== Examples | ||
- | == HTTP == | + | ==== HTTP ==== |
< | < | ||
POST / | POST / | ||
Line 21: | Line 35: | ||
</ | </ | ||
- | == jQuery == | + | ==== jQuery |
<code javascript> | <code javascript> | ||
$.ajax({ | $.ajax({ | ||
Line 35: | Line 49: | ||
</ | </ | ||
- | == Python == | + | ==== Python |
<code python> | <code python> | ||
import requests | import requests | ||
Line 46: | Line 60: | ||
</ | </ | ||
- | == Axios == | + | ==== Axios ==== |
<code javascript> | <code javascript> | ||
const axios = require(' | const axios = require(' | ||
Line 68: | Line 82: | ||
</ | </ | ||
- | == Success Response == | + | ==== Success Response |
Example response of successful authentication: | Example response of successful authentication: | ||
<code javascript> | <code javascript> | ||
Line 78: | Line 92: | ||
</ | </ | ||
- | == Error Response == | + | ==== Error Response |
Example response of unsuccessful authentication: | Example response of unsuccessful authentication: | ||
<code javascript> | <code javascript> | ||
Line 93: | Line 107: | ||
</ | </ | ||
- | ==== How to send authenticated http requests | + | ===== Examples using a previously obtained session cookie ===== |
- | Each request to any API endpoint has to be authenticated using the cookie returned by the / | + | |
- | === Examples | + | ==== HTTP ==== |
- | == ajax == | + | < |
- | Example ajax request: | + | GET / |
- | Note that when jQuery runs in a browser, that the cookie is passed automatically with the request. | + | Host: example.protogrid.com |
- | < | + | Cookie: session=.eJyNsjcfzO7DzDBQxq3cxhPBl1JzwkL4AnjUOkhrJWjN0bOGXd9dpeWmO-337efwDyf4bLA.YhNvyQ.PZSBKOhy94xZ8yLq-e0HwIqo |
- | $jq.ajax({ | + | </ |
+ | |||
+ | ==== jQuery ==== | ||
+ | < | ||
+ | $.ajax({ | ||
type: ' | type: ' | ||
url: ' | url: ' | ||
Line 107: | Line 124: | ||
dataType: ' | dataType: ' | ||
success: function(data) { | success: function(data) { | ||
- | | + | |
}, | }, | ||
- | error: function(data) { console.log(data); | + | error: function(data) { |
+ | | ||
+ | | ||
}); | }); | ||
</ | </ | ||
- | Note: Some browsers | + | Most browsers |
+ | |||
+ | In particular, this means that you usually don't need to worry about authentication if you use JSON API requests in [[protogrid: | ||
- | == Example Python | + | ==== Python |
- | Example | + | |
<code python> | <code python> | ||
- | # The cookie variable was set above in the authenticate | + | # The cookie variable was set above in the authentication |
url = " | url = " | ||
req = requests.get(url, | req = requests.get(url, | ||
Line 123: | Line 143: | ||
response = json.loads(response) | response = json.loads(response) | ||
</ | </ | ||
- | Note: For more information about the requests, please refer to http:// | + | For more information about the requests |
- | == Example Axios == | + | ==== Axios ==== |
- | Example request with Axios: | + | |
<code javascript> | <code javascript> | ||
axios.get(' | axios.get(' | ||
Line 135: | Line 154: | ||
}) | }) | ||
.then((result) => { | .then((result) => { | ||
- | console.log(' | + | console.log(' |
console.log(result.data); | console.log(result.data); | ||
}) | }) | ||
.catch((error) => { | .catch((error) => { | ||
- | console.log(' | + | console.log(' |
+ | console.log(error); | ||
}); | }); | ||
</ | </ | ||