Login / Authentication

Introduction

Authorization against the EOS REST API is done using an Authorization header. To get the proper token, you need to authenticate against the EOS server, which is done with two successive requests.

  1. First we request a login token.

  2. Second we authenticate to get a session key for further authorization.

  3. The session key is then used in our Authorization header.

Parameters that will be used

- DOMAIN: string // Windows domain - optional, example: "domain" or ""
- USERNAME: string // user name - e.g.: "swojtowicz"
- USERPASS: string // user password - e.g.: "secret"
- REST_URL: string // rest URL - e.g.: "https://server:port/rest"
- PASSPHRASE: string // will be built using request answers
- SESSIONKEY: string // will be returned in an answer

1. Requesting a login token

Parameters used

- DOMAIN: string // Windows domain - optional, example: "domain" or ""
- USERNAME: string // user name - e.g.: "swojtowicz"

URL

auth/user/request_login_token/domain=[DOMAIN]&login=[USERNAME]

Response

{
  message: string, // token to generate passphrase
  session_key: null,
  type: [Success | WrongPassword | CertificateError | UserInactive | UserNotFound | InternalError],
  user_principal: null
}

Example request

https://server.test:1111/rest/auth/user/request_login_token/domain=&login=swojtowicz

Example answer

{
  message: "token123",
  session_key: null,
  type: "Success",
  user_principal: null
}

Usage of the response

Provided your response has type = “Success”, you can now generate a passphrase as follows:

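let PASSPHRASE = base64encode('{"token": "token123", "password": "secret"}');
// Sample value as used in the example request in step 2; it decodes to the compact
// JSON {"token":"token123","password":"geheim"}, i.e. it was generated with the password "geheim":
//             = eyJ0b2tlbiI6InRva2VuMTIzIiwicGFzc3dvcmQiOiJnZWhlaW0ifQ==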

2. Authentication

Parameters used

- USERNAME: string
- PASSPHRASE: string // base64-encoded passphrase as described above

URL

auth/user/login/domain=&login=[USERNAME]&passphrase_encoded=false&passphrase=[PASSPHRASE]

Answer

{
  message: null,
  session_key: string, // needed for further requests
  type: [Success | WrongPassword | CertificateError | UserInactive | UserNotFound | InternalError],
  user_principal: string // user name
}

Example request

https://server:port/rest/auth/user/login/domain=&login=swojtowicz&passphrase_encoded=false&passphrase=eyJ0b2tlbiI6InRva2VuMTIzIiwicGFzc3dvcmQiOiJnZWhlaW0ifQ==

Example response

{
  type: "Success",
  user_principal: "swojtowicz",
  session_key: "1bpb5fvrat7rlpb81he6oq10f4",
  message: null
}

Usage of the response

Provided the response type was “Success”, you must now use session_key for follow-up requests as follows.

3. Authorization Header

To be recognized in follow-up requests, you have to send an Authorization header with each request, using the following format:

Authorization: "Basic " + base64encode([USERNAME] + ":" + [SESSIONKEY])

Example request authorization header:

Authorization: "Basic " + base64encode("swojtowicz:1bpb5fvrat7rlpb81he6oq10f4")
// Authorization: "Basic c3dvanRvd2ljejoxYnBiNWZ2cmF0N3JscGI4MWhlNm9xMTBmNA=="
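
The three steps above as one client, as an added example that is not part of the original documentation or the vendor's code. The endpoint paths and response fields are those shown on this page; the function names, the percent-encoding of URL values, sending DOMAIN in the login request, and the stub server (constructed so the flow runs offline) are assumptions.

```javascript
// Added example, not vendor code. Paths and JSON fields come from the page;
// function names and the stub server are assumptions for illustration.
const b64 = (s) => Buffer.from(s, "utf8").toString("base64");

// Passphrase: base64 of the compact JSON {"token":...,"password":...}.
function buildPassphrase(token, password) {
  return b64(JSON.stringify({ token, password }));
}

// Header value for follow-up requests (step 3).
function buildAuthHeader(username, sessionKey) {
  return "Basic " + b64(username + ":" + sessionKey);
}

// Steps 1 and 2. `httpGet(url)` must resolve to the parsed JSON answer.
// Assumptions: values are percent-encoded, and DOMAIN is sent in both requests.
async function login(restUrl, domain, username, password, httpGet) {
  const enc = encodeURIComponent;
  const who = `domain=${enc(domain)}&login=${enc(username)}`;
  const t = await httpGet(`${restUrl}/auth/user/request_login_token/${who}`);
  if (t.type !== "Success") throw new Error("token request failed: " + t.type);
  const pass = enc(buildPassphrase(t.message, password));
  const s = await httpGet(
    `${restUrl}/auth/user/login/${who}&passphrase_encoded=false&passphrase=${pass}`);
  if (s.type !== "Success" || !s.session_key) throw new Error("login failed: " + s.type);
  return { sessionKey: s.session_key, authorization: buildAuthHeader(username, s.session_key) };
}

// Constructed stand-in for the server so the flow runs offline.
function makeStubServer(validUser, validPassword) {
  const token = "token123", sessionKey = "1bpb5fvrat7rlpb81he6oq10f4";
  return async (url) => {
    const fail = (type) => ({ message: null, session_key: null, type, user_principal: null });
    const user = decodeURIComponent(/login=([^&]*)/.exec(url)[1]);
    if (user !== validUser) return fail("UserNotFound");
    if (url.includes("/request_login_token/")) return { ...fail("Success"), message: token };
    const raw = decodeURIComponent(/passphrase=(.*)$/.exec(url)[1]);
    const sent = JSON.parse(Buffer.from(raw, "base64").toString("utf8"));
    if (sent.token !== token || sent.password !== validPassword) return fail("WrongPassword");
    return { ...fail("Success"), session_key: sessionKey, user_principal: user };
  };
}

// Demo run against the stub, using the sample values from this page.
login("https://server.test:1111/rest", "", "swojtowicz", "secret",
  makeStubServer("swojtowicz", "secret")).then((r) => console.log(r.authorization));
```

The passphrase is base64-encoded, not encrypted, so any URL that carries it (proxy or access logs included) exposes the password to whoever can read it.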