API Authentication and Authorization
jetQuery uses token-based authentication
Token based authentication works by ensuring that each request to a server is accompanied by a signed token which the server verifies for authenticity and only then responds to the request.
The token is used to identify your account, Teams, and Roles. The system has built-in support for:
- Accounts Management,
- Teams Management,
- Roles Management
Most REST endpoints require authentication (a token). There are two types of tokens in the system:
- token - used for simplified API access
- JWTtoken - generated using username and password or token
A JWTtoken has an expiration time (default: 24 hours), which can be configured per instance using Settings:JwtExpireHours. Tokens can also be invalidated: when the SecurityStamp in a user's profile changes, all JWTtokens for that user are invalidated within one minute.
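A client-side expiry check for the JWTtoken lifetime described above, as an added example that is not jetQuery's own code. It assumes the JWTtoken is a standard compact JWT carrying an exp claim; the helper names and the sample token are constructed for illustration.

```python
import base64
import json
import time

DEFAULT_EXPIRE_HOURS = 24  # default lifetime stated on this page


def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token):
    """Read the payload claims WITHOUT verifying the signature (client-side only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url_decode(parts[1]))  # raises ValueError if malformed
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def needs_refresh(token, now=None, skew_seconds=60):
    """True if the token is expired, within skew_seconds of expiry, or unreadable."""
    now = time.time() if now is None else now
    try:
        exp = jwt_claims(token).get("exp")
    except ValueError:
        return True
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return True  # no usable expiry claim: do not keep trusting the token
    return now >= exp - skew_seconds


def make_sample_jwt(issued_at, hours=DEFAULT_EXPIRE_HOURS):
    """Constructed, unsigned sample token for the demo; not a real jetQuery token."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    payload = {"sub": "demo-user", "iat": issued_at, "exp": issued_at + hours * 3600}
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}), enc(payload), "sample-sig"])


if __name__ == "__main__":
    issued = int(time.time())
    token = make_sample_jwt(issued)
    print("fresh token needs refresh:", needs_refresh(token))
    print("after 24h needs refresh:", needs_refresh(token, now=issued + 24 * 3600))
```

A local check cannot see a SecurityStamp change, so a rejected request should still trigger re-authentication even when the token has not reached its expiry.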
Authorization using username and password or API token
Note
The "createCookie" parameter is optional. By default, it is set to false. If you wish to create a cookie, set this parameter to true.
Using username and password
Returns a JWTtoken
Using token
Authentication
Note
- Authorization header must be base64 encoded
- curl: use the -u option to send Authorization Basic (curl has built-in support for base64 encoding)
- curl: use the -H option to send Authorization Token (curl has built-in support for base64 encoding)
Authorization using Token in query parameters
Security risk
- Sending the authorization token in query parameters is not secure; it is recommended to use a header instead
- This method should be used only in a fully controlled environment, e.g. an internal network
Authorization using cookie
You need to attach a cookie named ptoken to the request: ptoken={{JWTtoken}}