Authentication
FollowAutentication in REST v2
In Altamira for Call and API we need a JWT Token for Authentication.
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. The tokens are signed either using a private secret or a public/private key. For More Information Click Here. Users can Get Altamira Token by the following methods.
- Getting JWT Token : For Generating New Token user have call the following Endpoint.
URL: https://platform.altamirahrm.com/api/v2/REST/GetToken
Type |
Name |
Description |
Schema |
header |
Username |
Username of User |
string |
header |
LoginRequest |
Value must be 1 |
integer |
header |
Password |
Password of User |
string |
Send Username, Password and LoginRequest Values in Header.
Response:
{
"token": "Token-Value",
"refreshToken": "RefreshToken-Value"
}
- Refresh JWT Token: User can refresh token if Token is expired by this Endpoint.
URL: https://platform.altamirahrm.com/api/v2/REST/RefreshToken
Send refreshtoken, and token Values in Header.
Type |
Name |
Description |
Schema |
header |
refreshtoken |
Refreshtoken generated by Authentication |
string |
header |
token |
Token generated by Authentication |
string |
Response:
{
"token": "Token-Value",
"refreshToken": "RefreshToken-Value"
}
- Revoke JWT Token: User can revoke token as per need.
Url : https://platform.altamirahrm.com/api/v2/REST/RevokeToken
Send refreshtoken, and token Values in Header.
Type |
Name |
Description |
Schema |
header |
refreshtoken |
Refreshtoken generated by Authentication |
string |
header |
token |
Token generated by Authentication |
string |
Response :
{
"message": "token is revoked"
}
How to create tokens API for SOAP and REST v1
Tokens allow access to API methods. Tokens are associated with users so that access to the platform through the API is done with that user's security permissions. This means, for example, that if the user only has access to vacancies, he will not be able to use the methods linked to the CVs.
To create an API token:
- Enter Setup > Security > Users
- Click on the name of the user for whom you want to create the API token
- In the API section of the tab, click on New Key
If the user already had an API key, you can replace it by clicking on New Key. In this case, applications that use the old key will no longer work. You can also delete an API key by clicking on Delete Key.
In the API section you will find the following fields:
- API key: it is the key that must be used in applications to access the API. Any operation on the platform data will be carried out with the rights and permissions of the user of this API key
- URL of the SOAP API definition (WSDL): the URL that can be accessed at the WSDL to define the service in SOAP mode. It returns all of the available definitions of the web services, operations and parameters
- SOAP API URL: the URL where the SOAP API can be accessed
- REST API URL: the URL where the REST API can be accessed
Comments
0 comments
Please sign in to leave a comment.