Searching:
0 results found
BackAuthorizations/Login
Description
To get the authorization token for the Axonize REST API.
The following flow enables you to obtain the required authentication token to log in:
This Login request is sent with the required request parameters.
- Axonize’s Authentication Provider validates the credentials that were supplied.
For valid credentials, one of the following responses is returned, depending on whether or not the MFA mechanism is enabled:
- MFA Not Enabled ‒ A status code of 200 OK is returned in the response, as described below. The API client can use the authorization token to use the Axonize REST API endpoints. The following shows the login response when all login request parameters are satisfactory:
public class LoginResponse : ILoginResponse
{
[DataMember(Name = “token”)]
public string Token { get; set; }
[DataMember(Name = “name”)]
public string UserName;
[DataMember(Name = “redirectUrl”)]
public string RedirectUrl { get; set; }
}
- MFA Enabled ‒ When valid login credentials are provided and MFA is enabled, this login response returns the status code Forbidden 403. In this case, the user must follow the flow described on page 194, in addition to the flow described above, to obtain the Axonize authentication token required for logging in.
Request Properties
There are two options for sending a Login request, as follows:
appId in the Header
In this case, the Application(s) to which the user is allowed access is specified in the appId of the Login request header. The appId is a unique Application identifier that is automatically generated by Axonize in response to the Application/Post request.
| Property | Type | Description | Mandatory |
| String | User email | Y | |
| Password | String | User password | Y |
For example:
https://api.stg.axonize.com/api/auth/login \
-H ‘Content-Type: application/json’ \
-H ‘appId: be517433-c4b8-4788-9258-1ba220432134’ \
-d ‘{“email”:”demousers@axonize.com”,”password”:”somePassword!”}’
URL in the Body
In this case, the Application(s) to which the user is allowed access is determined by the URL property in the body of the Login request (described below). In this case, there is no appId in the Login request header.
| Property | Type | Description | Mandatory |
| URL | String | This URL specifies the application to which the user is allowed access. For example: myapp.stg.axonize.com or myapp.stg.axonize.com/mysubapp. |
Y |
| String | User email | Y | |
| Password | String | User password | Y |
For example:
curl -X POST \
https://api.stg.axonize.com/api/auth/login \
-H ‘Content-Type: application/json’ \
-d ‘{“email”:”demo@user.com”,”password”:”somePassword”,
“url”:”demoapp.stg.axonize.com”}’
Response Properties
| Property | Type | Description |
| Name | String | The user name. |
| Token | String | The authorization token that enables access to the Axonize REST API. |
| RedirectURL | String | For Internal use. The URL for SSO integration. |
200 OK
{
“name”: “some user name”,
“token”: “eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9”,
“redirectUrl”: null
}
If the login user name (email) or password is incorrect, then the response is 401.