H5.3.12 - User Authentication

User Authentication

Resources relative to http://host:8080/matchITHub/

REST Resource Summary

POST    user   Adds a user
DELETE  user   Removes a user
GET     token  Retrieves JWT token


POST /matchITHub/users

Request

Type       Name      Description
FormParam  user      The user ID
FormParam  role      The user’s role – either “admin” or “user”
FormParam  password  The user’s password

Description

Adds a user’s credentials that can be used for future authentication. The user ID should consist only of alphanumeric characters and the password should contain at least 8 characters.
Users that have the “admin” role are authorized to submit any request. Users that have the “user” role are authorized to submit GET requests and lookup requests.
If a user ID already exists, an error message is returned stating “User already exists”.

Usage Example

Using cURL:

$ curl -u admin:examplepassword123 -X POST https://localhost:8080/matchITHub/users \
    --data-urlencode user=user --data-urlencode role=user --data-urlencode password=examplepassword456

DELETE /matchITHub/users/{user}

Request

Type       Name  Description
PathParam  user  The user to remove

Description

Removes a user's credentials.

Usage Example

Using cURL:

$ curl -u admin:examplepassword123 -X DELETE https://localhost:8080/matchITHub/users/user

 

GET /matchITHub/users/token

Response

Name   Value    Description
token  <token>  JWT that can be used in place of basic auth

Description

Returns a JWT for the user specified in the provided credentials.

Subsequent queries can use the JWT as a bearer token, for example:

curl -k https://localhost:8080/matchITHub/engines -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyb2xlIjoidXNlciIsImlwIjoiMTcyLjE3LjAuMSIsIm5hbWUiOiJ1c2VyIiwiZXhwIjoxNjM1MjU4MzcyfQ.qyD-U1vXBSJWDlsGKossIGms2_Oe5Tu32wfCrPXOPYc"

Bearer tokens are valid for 24 hours after issue, and are valid for queries that originate from the same remote IP address as the request that issued the token. Tokens are invalidated if the service is restarted.
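
The validity rules above, sketched as server-side checks in Python. This is an added example, not matchIT Hub's own code: the claim names (role, ip, name, exp) and the HS256 header are those carried in the sample token above, while the per-process random signing key and the function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

# Assumption: a fresh random key is generated at each process start, which
# would make every previously issued token fail after a service restart.
SIGNING_KEY = secrets.token_bytes(32)
TOKEN_LIFETIME = 24 * 60 * 60  # 24 hours, as stated above

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str, key: bytes) -> str:
    return _b64(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())

def issue_token(name, role, remote_ip, key=SIGNING_KEY, now=None):
    """Build an HS256 JWT bound to the address that requested it."""
    now = int(time.time()) if now is None else now
    header = _b64(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    claims = {"role": role, "ip": remote_ip, "name": name, "exp": now + TOKEN_LIFETIME}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body, key)}"

def validate_token(token, remote_ip, key=SIGNING_KEY, now=None):
    """Return the claims if the token is acceptable, else raise ValueError."""
    now = int(time.time()) if now is None else now
    try:
        header, body, sig = token.split(".")
    except ValueError:
        raise ValueError("malformed token") from None
    # Verify the MAC before trusting anything inside the token.
    expected = _sign(f"{header}.{body}", key)
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise ValueError("bad signature")
    # Pin the algorithm instead of letting the header choose it.
    if json.loads(_unb64(header)).get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    claims = json.loads(_unb64(body))
    if now >= claims["exp"]:
        raise ValueError("token expired")
    if claims["ip"] != remote_ip:
        raise ValueError("token presented from a different address")
    return claims
```

A client behind a proxy or NAT pool whose egress address changes would fail the last check and has to request a new token.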

Usage Example

$ curl -u admin:examplepassword123 -X GET https://localhost:8080/matchITHub/users/token