Authentication

Passing Authentication

The Opentact API will require an API Key to authenticate requests.

All API requests are required to be made over HTTPS, HTTP requests will return back a 301 response - permanent redirection.

There are 5 methods to pass authentication to the API.

For accessing the API a valid email and password must be passed in the 'Authorization' header.

The following syntax must be used in the header 'Authorization: Basic base64(email:password)'

A valid token is base64 encoded value of 'email:password'

  The following syntax must be used in the headers:
      Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=v

Security Scheme Type

HTTP Authorization Scheme

HTTP

Basic

For accessing the API a valid JWT token must be passed to the query:

inX-Auth-Token header.
as jwt query param.
as jwt formdata body param

A valid token is generated by the API and returned as a response of
   a call to the route: /rest/auth giving a valid email & password.

  The following syntax must be used in the headers:
      X-Auth-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Token

API Key

For accessing the API a valid Google token must be passed to the query:

inX-Auth-Google-Token header.
as google_token query param.
as google_token formdata body param

A valid token is generated by the Google auth API and returned as a response from the Google Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Google-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.google.com/identity/sign-in/web/backend-auth

Header Parameter Name

Security Scheme Type

X-Auth-Google-Token

API Key

For accessing the API a valid Facebook token must be passed to the query:

inX-Auth-Facebook-Token header.
as facebook_token query param.
as facebook_token formdata body param

A valid token is generated by the Facebook auth API and returned as a response 
of the Facebook Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Facebook-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.facebook.com/docs/facebook-login/web

Header Parameter Name

Security Scheme Type

X-Auth-Facebook-Token

API Key

For accessing the API a valid HA1B token must be passed to the query:

inX-Auth-HA1B-Token header.
as ha1b query param.
as ha1b formdata body param

A valid ha1b token is md5(<login>@<domain>:<domain>:<password>).

  The following syntax must be used in the headers:
      X-Auth-HA1B-Token: xxxxxxyyyyyyyyzzzzzz

More info could be found here: https://www.opensips.org/Documentation/TipsFAQ#toc2

Header Parameter Name

Security Scheme Type

X-Auth-HA1B-Token

API Key

Methods

Auth

GET https://api.opentact.org/rest/auth

This will authenticate the user.

{
  "success": true,
  "payload": {
    "created_on": "2020-10-26T08:44:15.621Z",
    "modified_on": "2020-10-26T08:44:16.023Z",
    "uuid": "60e9fa76-20e7-45ee-bf24-8c4a95143dad",
    "email": "abc@example.co.uk",
    "phone_number": null,
    "first_name": "John",
    "last_name": "Smith",
    "dob": null,
    "gmail_user_id": "107653031006300523703",
    "facebook_user_id": null,
    "apple_user_id": null,
    "wechat_user_id": null,
    "role": "User",
    "gender": null,
    "deleted_on": null,
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiNjBlOWZhNzYtMjBlNy00NWVlLWJmMjQtOGM0YTk1MTQzZGFkIiwiaWF0IjoxNjAzNzI2MzM4LCJleHAiOjE2MDM4MTI3Mzh9.uiBWYvx2Bb0zQjellXi4Y2C_DdEhhU6c6R6q979HBus"
  }
}

{
  "success": false,
  "status": 401,
  "message": "Wrong credentials"
}

Code Examples

curl -X GET "https://api.stage.opentact.org/rest/auth" \
-H "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::get('https://api.stage.opentact.org/rest/auth', $headers);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
}

response = requests.get('https://api.stage.opentact.org/rest/auth', headers=headers)

var fetch = require('node-fetch');

fetch('https://api.stage.opentact.org/rest/auth', {
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("GET", "https://api.stage.opentact.org/rest/auth", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

POST https://api.opentact.org/rest/token

This will create a new bearer token.

Request Body

Name

Type

Description

name

string

Name

ttl

integer

Time to live (min 60)

{
  "success": true,
  "payload": {
    "name": "string",
    "ttl": 60,
    "token": "7VLyaDSQ8W48IETeNBfxbBqwgwzWLTvFojSnLgiXP5X8NSoE",
    "expired_on": "2020-10-26T15:58:28.701Z",
    "uuid": "bac27d93-df33-4e47-b4a1-edfcae0d3654",
    "created_on": "2020-10-26T15:57:28.706Z",
    "modified_on": "2020-10-26T15:57:28.706Z"
  }
}

{
  "success": false,
  "status": 400,
  "message": "ValidateError",
  "fields": {
    "params.ttl": {
      "message": "min 60",
      "value": 0
    }
  }
}

Code Examples

curl -X POST "https://api.opentact.org/rest/token" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN" \
-H  "Content-Type: application/json" -d "{\"name\":\"string\",\"ttl\":60}"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN',
    'Content-Type' => 'application/json'
);
$data = '{"name":"string","ttl":60}';
$response = Requests::post('https://api.opentact.org/rest/token', $headers, $data);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
    'Content-Type': 'application/json',
}

data = '{"name":"string","ttl":60}'

response = requests.post('https://api.opentact.org/rest/token', headers=headers, data=data)

var request = require('request');

var headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
    'Content-Type': 'application/json'
};

var dataString = '{"name":"string","ttl":60}';

var options = {
    url: 'https://api.opentact.org/rest/token',
    method: 'POST',
    headers: headers,
    body: dataString
};

function callback(error, response, body) {
    if (!error && response.statusCode == 200) {
        console.log(body);
    }
}

request(options, callback);

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"strings"
)

func main() {
	client := &http.Client{}
	var data = strings.NewReader(`{"name":"string","ttl":60}`)
	req, err := http.NewRequest("POST", "https://api.opentact.org/rest/token", data)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	req.Header.Set("Content-Type", "application/json")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Tokens

GET https://api.opentact.org/rest/token/list

This will return a list of tokens.

{
  "success": true,
  "payload": []
}

{
  "success": false,
  "status": 401,
  "message": "Wrong credentials"
}

Code Examples

curl -X GET "https://api.opentact.org/rest/token/list" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::get('https://api.opentact.org/rest/token/list', $headers);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
}

response = requests.get('https://api.opentact.org/rest/token/list', headers=headers)

var fetch = require('node-fetch');

fetch('https://api.opentact.org/rest/token/list', {
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("GET", "https://api.opentact.org/rest/token/list", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

PATCH https://api.opentact.org/token/{uuid}

TBD

Path Parameters

Name

Type

Description

uuid

string

{
  "success": false,
  "status": 404,
  "message": "Not found"
}

Code Examples

Tokens

DELETE https://api.opentact.org/rest/token/all

This will delete all tokens

{
  "success": true,
  "payload": {}
}

{
  "success": false,
  "status": 401,
  "message": "Wrong credentials"
}

Code Examples

curl -X DELETE "https://api.opentact.org/rest/token/all" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::delete('https://api.opentact.org/rest/token/all', $headers);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
}

response = requests.delete('https://api.opentact.org/rest/token/all', headers=headers)

var fetch = require('node-fetch');

fetch('https://api.opentact.org/rest/token/all', {
    method: 'DELETE',
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("DELETE", "https://api.opentact.org/rest/token/all", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

DELETE https://api.opentact.org/rest/token/{token}

This will delete a specific token

Path Parameters

Name

Type

Description

string

{
  "success": true,
  "payload": {
    "created_on": "2020-10-26T16:41:12.952Z",
    "modified_on": "2020-10-26T16:41:12.952Z",
    "token": "OVt9di1JqNEmrp2KbLPQ7yHuHb9EZ4yaw4pMS6pyWjuUeT7P",
    "name": "string",
    "expired_on": "2020-10-26T16:42:12.951Z"
  }
}

{
  "success": false,
  "status": 401,
  "message": "Wrong credentials"
}

{
  "success": false,
  "status": 404,
  "message": "Token not found"
}

Code Examples

curl -X DELETE "https://api.opentact.org/rest/token/{JWT_TOKEN}" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::delete('https://api.opentact.org/rest/token/JWT_TOKEN', $headers);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
}

response = requests.delete('https://api.opentact.org/rest/token/JWT_TOKEN', headers=headers)

var fetch = require('node-fetch');

fetch('https://api.opentact.org/rest/token/JWT_TOKEN', {
    method: 'DELETE',
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("DELETE", "https://api.opentact.org/rest/token/JWT_TOKEN", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

PreviousOpentact API Reference Sheet NextQuick Start guide

Last updated 4 years ago

Was this helpful?