Authentication & Authorization
The Navigator API uses JSON Web Tokens as its authorization mechanism on top of different authentication/authorization methods. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object.
For partners, Navigator provides a fixed, non-expiring token per tenant as a basic authorization mechanism.
The Authorization header consists of 3 parts:
- An authorization scheme: Bearer
- A tenant (program) to request authorization from (e.g. TROC, public, etc.)
- A string-based token: the JWT, a long encoded string.
It takes the form:
Authorization: {scheme} {tenant}:{api token}
For example, a typical header has the following form:
Authorization: Bearer walmart:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MTQ5MDU5NjUsImlhdCI6MTYxNDkwMjM2NSwiaXNzIjoidXJuOk5hdmlnYXRvciIsIm5hbWUiOiJjb252ZXJzaXR5IiwicGFydG5lciI6ImNvbnZlcnNpdHkiLCJpc3N1ZXIiOiJNb2JpbGVpbnNpZ2h0IiwicHJvZ3JhbXMiOlsid2FsbWFydCJdLCJncmFudHMiOnsicHJvZ3JhbXMiOiJ3YWxtYXJ0In0sInRlbmFudCI6IndhbG1hcnQifQ.ueF-WCZIxj-nBDNK9Ln_1dLgT15bS6fVgokGIvLdkrY
To gain access to Navigator's endpoints, you only need to add a valid Authorization header to every call.
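The header format above can be split and inspected with the standard library alone. The following is an added example, not part of the Navigator code base: it parses `{scheme} {tenant}:{api token}`, decodes the JWT header and claims without verifying the signature (the signing key is not on this page), and compares the tenant prefix with the `tenant` claim inside the token. The function and field names are illustrative assumptions.

```python
import base64
import json

# Header value copied from the example on this page (tenant "walmart").
PAGE_HEADER = (
    "Bearer walmart:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJleHAiOjE2MTQ5MDU5NjUsImlhdCI6MTYxNDkwMjM2NSwiaXNzIjoidXJuOk5hdmlnYXRvciIs"
    "Im5hbWUiOiJjb252ZXJzaXR5IiwicGFydG5lciI6ImNvbnZlcnNpdHkiLCJpc3N1ZXIiOiJNb2Jp"
    "bGVpbnNpZ2h0IiwicHJvZ3JhbXMiOlsid2FsbWFydCJdLCJncmFudHMiOnsicHJvZ3JhbXMiOiJ3"
    "YWxtYXJ0In0sInRlbmFudCI6IndhbG1hcnQifQ.ueF-WCZIxj-nBDNK9Ln_1dLgT15bS6fVgokGIvLdkrY"
)


def _segment_to_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def parse_authorization(header):
    """Split '{scheme} {tenant}:{api token}' and decode the JWT claims.

    The signature is NOT verified here; this only shows what any holder
    of the header can read, plus consistency checks a server can add on
    top of signature verification.
    """
    scheme, _, credential = header.strip().partition(" ")
    if scheme != "Bearer":
        raise ValueError("unsupported scheme: %r" % scheme)
    tenant, sep, token = credential.partition(":")
    if not sep or not tenant:
        raise ValueError("expected {tenant}:{api token}")
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token is not a three-part JWT")
    jose, claims = _segment_to_json(parts[0]), _segment_to_json(parts[1])
    lifetime = None
    if "exp" in claims and "iat" in claims:
        lifetime = claims["exp"] - claims["iat"]
    return {
        "tenant": tenant,
        "alg": jose.get("alg"),
        "claims": claims,
        # The tenant prefix sits outside the signed token, so compare it
        # with the signed "tenant" claim before trusting it.
        "tenant_matches_claim": claims.get("tenant") == tenant,
        "lifetime_seconds": lifetime,
    }
```

Run on the page's sample header, this reports `alg` HS256, a `tenant` claim that matches the `walmart` prefix, and an `exp` claim one hour after `iat`. The payload is readable by anyone who holds the header, so the token should be stored and transmitted as a secret.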
If you need to access several endpoints at a time, it is more reasonable to start a session using the LOGIN endpoint. To do so, pass the Authorization header to the login endpoint:
method: GET
https://[NAVIGATOR URL]/api/v1/login
Navigator will register a session cookie that allows the partner to query all the endpoints they need; the default session time in Navigator is one hour.
When the partner finishes the session, they can log out by calling the endpoint:
https://[NAVIGATOR URL]/api/v1/logout