authentication/login (GET)
SPF-API endpoints use a JWT token for authentication and authorization. An authentication endpoint is available that will accept your product API Key or Hash and provide a valid JWT token.
To request a new JWT access token, make an HTTP GET request to the URL below, setting the api-key header to the API Key or Hash provided by Symmetry.
Authentication URL
https://api-staging.symmetry.com/authentication/login
curl --location --request GET 'https://api-staging.symmetry.com/authentication/login' \
--header 'Accept: application/json' \
--header 'api-key: y0urAPI-KeyG0esH3re'
Authentication Login Response
A successful authentication endpoint response will contain a json object with an access token that can be used for API requests.
{
"accessToken" : "yoUrTokEnISh3re!"
}
An invalid API key will produce the following response.
{
"status": "Unauthorized",
"statusCode": 401,
"reason": "Api key is invalid and/or expired"
}
Token Expiration
Important note: JWT tokens are valid for 24 hours. Once expired, you will receive the following response from the SPF-API endpoints and must request a new token.
Unauthorized Response
Below is a sample SPF-API endpoint response when an invalid, expired, or empty JWT token is provided.
{ "message" : "Unauthorized" }
JSON Web Token (JWT) Usage
The encrypted JWT token is to be included in each request to the SPF-API as a Bearer token in the Authorization header with the following formatting:
Authorization: Bearer eyJhbGciOiJSU0EtT0FF...
curl --location --request GET 'https://api-staging.symmetry.com/spf/getPdf/W4101' \
--header 'Accept: application/pdf' \
--header 'Authorization: Bearer yoUrTokEnG0esH3re!
Updated almost 3 years ago