To use our data APIs you need to authenticate through a secret token in the Authorization HTTP header.
In order to get this token, you will need to make a double authentication. The first call will provide you with a "refreshToken" that will allow you to get an "accessToken" with the second call.
For stronger security, the "refreshToken" expires automatically after a specific number of days. Meaning that you need to dynamically generate a new token every time you need to use our Data APIs. The "accessToken" expires automatically after 5 minutes.
To generate a new token you need to run this command:
curl https://apiv2.streamroot.io/auth/auth/login --data '{"login": "XXX@YYY.com", "password": "XXXXXX"}' -H "Content-type: application/json"
If you receive this message:
{"message":"bad username or password"}
It means that either your username or your password is wrong. Please make sure you are using correct username and passwordBelow is an example of the "refreshToken" you get when the entered credentials are correct:
{
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NDMzMzMwNjQsImxvZ2luIjoic3RyZWFtcm9vdHN0cmVhbWluZ0BnbWFpbC5jb20iLCJpZCI6ImI4YjFhNmUyLTVlODYtNDdlYy1iYzM0LTUzNTQzMWQ5MDk2NCIsInJvbGUiOiJ1c2VyIn0._jGg1rJKprKUlPi7CrjRZ-GOSYnPriea6Mg-bc64wF4"
}
You then need to run this command adding the previous token in the Authorization
HTTP header:
curl https://apiv2.streamroot.io/auth/auth/token -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NDMzMzMwNjQsImxvZ2luIjoic3RyZWFtcm9vdHN0cmVhbWluZ0BnbWFpbC5jb20iLCJpZCI6ImI4YjFhNmUyLTVlODYtNDdlYy1iYzM0LTUzNTQzMWQ5MDk2NCIsInJvbGUiOiJ1c2VyIn0._jGg1rJKprKUlPi7CrjRZ-GOSYnPriea6Mg-bc64wF4" -H "Content-type: application/json" -X POST
If you receive this message:
{"message":"unauthorized"}
It means that the "refreshToken" you provided is either wrong or has expired.
If the token is correct, you will get this "accessToken":
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyKhdWQiOiJyZWZyZXNoIiwiZXhwIjoxNTY4MTI3MjY0LCJqdGkiOiJmZjgwMmJmOC1lODM4LTRmNTEtYTliOS1jyDRjOGZmYjUwN2EiLCJzdWIiOiJlbWlsZS5wb21taWVyQJN0cmVhbXJvb3QuaW8ifQ.Ty-oNn6SlCAmvgvXf4nj4m4ym17cRr0DzhDsw2cmz41",
"tokenExpiresIn":300
}
Then, you should use your token in the Authorization
HTTP header:
Authorization: Bearer {YOUR_ACCESS_TOKEN}