Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
protogrid:json_api_authentication [2022-02-21 23:48] – [How to send authenticated http requests] dru | protogrid:json_api_authentication [2024-04-20 19:24] – dru | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== JSON API Authentication ====== | ====== JSON API Authentication ====== | ||
+ | All HTTP requests to the Protogrid JSON API require a valid authentication. If the authentication fails an HTTP error 403 will be returned. | ||
- | All HTTP requests to the Protogrid JSON API require a valid authentication. If the authentication fails, an HTTP error 403 will be returned. Currently, the following variants are available for authentication: | + | The following variants are available for authentication |
- | * Header | + | * Header |
- | * [[https:// | + | * [[https:// |
- | * Cookie | + | * Cookie |
- | Note: Both the email address (e.g. " | + | Note: Both the email address (e.g. " |
- | ==== / | + | |
+ | ===== Cross-Origin Resource Sharing (CORS) ===== | ||
+ | If you want to call the JSON API from the web client of another application or website, i.e. from a domain other than the Protogrid environment, | ||
+ | |||
+ | Please note that for security reasons, authentication using cookies is not possible in this context, i.e. each individual request must be called with either basic or header authentication. | ||
+ | |||
+ | ===== / | ||
[POST] In order to obtain a session cookie you can use the authentication endpoint. | [POST] In order to obtain a session cookie you can use the authentication endpoint. | ||
- | === Examples === | + | Note: For this endpoint, in addition to the three variants above, the credentials can also be passed as " |
+ | <code javascript> | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | ===== Examples | ||
- | == HTTP == | + | ==== HTTP ==== |
< | < | ||
POST / | POST / | ||
Line 21: | Line 35: | ||
</ | </ | ||
- | == jQuery == | + | ==== jQuery |
<code javascript> | <code javascript> | ||
$.ajax({ | $.ajax({ | ||
Line 35: | Line 49: | ||
</ | </ | ||
- | == Python == | + | ==== Python |
<code python> | <code python> | ||
import requests | import requests | ||
Line 46: | Line 60: | ||
</ | </ | ||
- | == Axios == | + | ==== Axios ==== |
<code javascript> | <code javascript> | ||
const axios = require(' | const axios = require(' | ||
Line 68: | Line 82: | ||
</ | </ | ||
- | == Success Response == | + | ==== Success Response |
Example response of successful authentication: | Example response of successful authentication: | ||
<code javascript> | <code javascript> | ||
Line 78: | Line 92: | ||
</ | </ | ||
- | == Error Response == | + | ==== Error Response |
Example response of unsuccessful authentication: | Example response of unsuccessful authentication: | ||
<code javascript> | <code javascript> | ||
Line 93: | Line 107: | ||
</ | </ | ||
- | === Example HTTP requests | + | ===== Examples |
- | == AJAX == | + | ==== HTTP ==== |
+ | < | ||
+ | GET / | ||
+ | Host: example.protogrid.com | ||
+ | Cookie: session=.eJyNsjcfzO7DzDBQxq3cxhPBl1JzwkL4AnjUOkhrJWjN0bOGXd9dpeWmO-337efwDyf4bLA.YhNvyQ.PZSBKOhy94xZ8yLq-e0HwIqo | ||
+ | </ | ||
+ | |||
+ | ==== jQuery ==== | ||
<code javascript> | <code javascript> | ||
$.ajax({ | $.ajax({ | ||
Line 112: | Line 133: | ||
Most browsers automatically save received cookies and then automatically attach them to subsequent requests. | Most browsers automatically save received cookies and then automatically attach them to subsequent requests. | ||
- | == Python == | + | In particular, this means that you usually don't need to worry about authentication if you use JSON API requests in [[protogrid: |
+ | |||
+ | ==== Python | ||
<code python> | <code python> | ||
# The cookie variable was set above in the authentication example. | # The cookie variable was set above in the authentication example. | ||
Line 122: | Line 145: | ||
For more information about the requests library, please refer to [[http:// | For more information about the requests library, please refer to [[http:// | ||
- | == Axios == | + | ==== Axios ==== |
<code javascript> | <code javascript> | ||
axios.get(' | axios.get(' |