search

Bearer Token

The API uses OpenID Connect (OIDC) protocol to authenticate users. The user is issued a username and password from OLI, with which they can use obtain a JWT (JSON Web Token) based access token. This token is then passed in the http headers to all the endpoints.

hashtag
User Authentication

POST https://auth.olisystems.com/auth/realms/api/protocol/openid-connect/token

method returns JWT tokens on successful authentication with username and password

hashtag
Headers

Name
Type
Description

Content-Type

string

application/x-www-form-urlencoded

hashtag
Request Body

Name
Type
Description

username

string

{user_name}

password

string

{password}

grant_type

string

password

client_id

string

apiclient

{
    "access_token": "eyJhbGciOiJ...",
    "expires_in": 300,
    "refresh_expires_in": 1800,
    "refresh_token": "eyJhbGciOiJI...",
    "token_type": "bearer",
    "not-before-policy": 1588002927,
    "session_state": "b0451c5f-5233-4404-b601-558253efe3a6",
    "scope": "oli_user_role"
}

hashtag
Response description

field

type

description

access_token

string

JWT (JSON Web Token)

expires_in

number

token expiration time in seconds

refresh_token_expires_in

number

refresh token expiration time in seconds

refresh_token

string

used to obtain a new JWT after the current one expires

circle-exclamation

currently the access_token is set to expire in 24 hours and the refresh token in 7 days.

hashtag
Refreshing

POST https://auth.olisystems.com/auth/realms/api/protocol/openid-connect/token

method refreshes the access token using the refresh token obtained after login. This is needed when the access token expires.

hashtag
Headers

Name
Type
Description

Content-Type

string

application/x-www-form-urlencoded

hashtag
Request Body

Name
Type
Description

refresh_token

string

{refresh_token}

grant_type

string

refresh_token

client_id

string

apiclient

PreviousAuthenticationNextAPI Keys

Last updated

Was this helpful?