Spandan Singh edited this page Apr 3, 2015 · 3 revisions

How to make the Auth Server API Client

Auth Server API Client is an HTTP client for Auth Server that makes it easy to send HTTP requests and trivial to integrate with web services.

Two parameters have to be sent with every request. They are used for your app's authentication and authorization.

| Name | Type | Description |
|------|------|-------------|
| key | string | key is a 10 digit string. |
| secret | string | secret is a 40 character string. |

  • If you send a wrong key or a wrong secret, the response will be as follows

Response

{
  "status":"Unauthorized",
  "message":"App Credentials Not Matched"
}

Authentication Checking

  • If you want to protect a resource with authentication, you first have to check whether a user is logged in. To do this, you have to post some parameters to a URL.
  • The KEY and SECRET parameters must be sent with every request, as follows
   POST /check

Parameters

| Name | Type | Description |
|------|------|-------------|
| token | string | Token is a 40 character string which you have to save and send with every other request. |
| callback_url | string | It is the URL of your resource for which you want authentication. |
| login_url | string | It is the URL where AuthServer will redirect after a successful login and where you will apply your business logic, like saving the token, redirecting to callback_url, etc. |

Examples

  • If the token is empty or invalid, with callback_url = A and login_url = B, then

Response

{
    "status":"Unauthorized",
    "callback_url":"A",
    "message":"Token Mismatch",
    "login-url":"http://auth.server./?callback_url = A & login_url = B"
}
  • This response contains the login URL to which you have to redirect the user so that your app can be authenticated.
  • The user will enter his credentials.
  • After a successful login, the user is redirected to the login_url of the app, which you sent with the first request and where the developer will apply his business logic, like saving the token, redirecting to callback_url, etc.
  • If the user is not authorized to use the app

Response

{
    "status": "Unauthorized",
    "message": "Oh snap! You are not authorized for <APP NAME> App"
}

To display this message in the AuthServer Dashboard, you can redirect to http://auth-server.mybluemix.net?flash_msg=response->msg

  • If the token is valid, you will get the user data

Response

{
    "status": 200,
    "data": {
        "id": 7,
        "first_name": "Spandan",
        "last_name": "Singh",
        "email": "developer.spandan@gmail.com",
        "role": "student",
        "created_at": "2014-12-23 08:56:17",
        "updated_at": "2015-04-03 10:34:15"
    }
}
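
The following sketch shows how a client could handle the `/check` responses documented above. It is an added example, not code from the Auth Server project. The function names, the action labels and the form-encoded request body are assumptions; the JSON shapes and the dashboard URL are the ones on this page.

```python
import json
from urllib.parse import urlencode, quote

# Dashboard host as given on this page (target of the flash_msg redirect).
DASHBOARD = "http://auth-server.mybluemix.net"

def check_params(key, secret, token, callback_url, login_url):
    """Body for POST /check (form encoding is an assumption of this example).
    key and secret travel in the POST body, never in a URL or a log line."""
    return urlencode({"key": key, "secret": secret, "token": token or "",
                      "callback_url": callback_url, "login_url": login_url})

def handle_check(raw):
    """Map a /check response body to (action, value).

    Actions (labels are this example's own):
      "user"     -> value is the user record; serve the protected resource
      "redirect" -> value is a URL to send the browser to
      "error"    -> value is a message; do not serve the resource
    """
    try:
        resp = json.loads(raw)
    except ValueError:
        return ("error", "malformed response")
    if not isinstance(resp, dict):
        return ("error", "malformed response")
    # Only an explicit 200 with a data object counts as authenticated.
    if resp.get("status") == 200 and isinstance(resp.get("data"), dict):
        return ("user", resp["data"])
    if resp.get("status") != "Unauthorized":
        return ("error", "unexpected response")
    if resp.get("login-url"):
        # Token empty or invalid: send the user to the AuthServer login page.
        return ("redirect", resp["login-url"])
    message = str(resp.get("message", ""))
    if message == "App Credentials Not Matched":
        # Wrong key/secret is a configuration fault, not a user problem.
        return ("error", message)
    # User is not authorized for this app: show the message on the dashboard.
    # Percent-encode it so it cannot add or alter query parameters.
    return ("redirect", DASHBOARD + "?flash_msg=" + quote(message, safe=""))
```

Anything that is not an explicit `200` with a `data` object is treated as unauthenticated, so a malformed or unexpected reply never grants access to the protected resource.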

Logout

To log out, just redirect to http://auth-server.mybluemix.net/logout