Bearer Token
The API uses OpenID Connect (OIDC) protocol to authenticate users. The user is issued a username and password from OLI, with which they can use obtain a JWT (JSON Web Token) based access token. This token is then passed in the http headers to all the endpoints.
User Authentication
POST https://auth.olisystems.com/auth/realms/api/protocol/openid-connect/token
method returns JWT tokens on successful authentication with username and password
Headers
Content-Type
string
application/x-www-form-urlencoded
Request Body
username
string
{user_name}
password
string
{password}
grant_type
string
password
client_id
string
apiclient
{
"access_token": "eyJhbGciOiJ...",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJI...",
"token_type": "bearer",
"not-before-policy": 1588002927,
"session_state": "b0451c5f-5233-4404-b601-558253efe3a6",
"scope": "oli_user_role"
}Response description
field
type
description
access_token
string
JWT (JSON Web Token)
expires_in
number
token expiration time in seconds
refresh_token_expires_in
number
refresh token expiration time in seconds
refresh_token
string
used to obtain a new JWT after the current one expires
currently the access_token is set to expire in 24 hours and the refresh token in 7 days.
Refreshing
POST https://auth.olisystems.com/auth/realms/api/protocol/openid-connect/token
method refreshes the access token using the refresh token obtained after login. This is needed when the access token expires.
Headers
Content-Type
string
application/x-www-form-urlencoded
Request Body
refresh_token
string
{refresh_token}
grant_type
string
refresh_token
client_id
string
apiclient
refresh_expires_inLast updated
Was this helpful?