Authentication

Passing Authentication

The Opentact API will require an API Key to authenticate requests.

All API requests are required to be made over HTTPS, HTTP requests will return back a 301 response - permanent redirection.

There are 5 methods to pass authentication to the API.

For accessing the API a valid email and password must be passed in the 'Authorization' header.

The following syntax must be used in the header 'Authorization: Basic base64(email:password)'

A valid token is base64 encoded value of 'email:password'

  The following syntax must be used in the headers:
      Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=v

Security Scheme Type

HTTP Authorization Scheme

HTTP

Basic

For accessing the API a valid JWT token must be passed to the query:

inX-Auth-Token header.
as jwt query param.
as jwt formdata body param

A valid token is generated by the API and returned as a response of
   a call to the route: /rest/auth giving a valid email & password.

  The following syntax must be used in the headers:
      X-Auth-Token: xxxxxx.yyyyyyy.zzzzzz

Header Parameter Name

Security Scheme Type

X-Auth-Token

API Key

For accessing the API a valid Google token must be passed to the query:

inX-Auth-Google-Token header.
as google_token query param.
as google_token formdata body param

A valid token is generated by the Google auth API and returned as a response from the Google Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Google-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.google.com/identity/sign-in/web/backend-auth

Header Parameter Name

Security Scheme Type

X-Auth-Google-Token

API Key

For accessing the API a valid Facebook token must be passed to the query:

inX-Auth-Facebook-Token header.
as facebook_token query param.
as facebook_token formdata body param

A valid token is generated by the Facebook auth API and returned as a response 
of the Facebook Sign-In library.

  The following syntax must be used in the headers:
      X-Auth-Facebook-Token: xxxxxx.yyyyyyy.zzzzzz

More info can be found here: https://developers.facebook.com/docs/facebook-login/web

Header Parameter Name

Security Scheme Type

X-Auth-Facebook-Token

API Key

For accessing the API a valid HA1B token must be passed to the query:

inX-Auth-HA1B-Token header.
as ha1b query param.
as ha1b formdata body param

A valid ha1b token is md5(<login>@<domain>:<domain>:<password>).

  The following syntax must be used in the headers:
      X-Auth-HA1B-Token: xxxxxxyyyyyyyyzzzzzz

More info could be found here: https://www.opensips.org/Documentation/TipsFAQ#toc2

Header Parameter Name

Security Scheme Type

X-Auth-HA1B-Token

API Key

Methods

Auth

GET https://api.opentact.org/rest/auth

This will authenticate the user.

{
  "success": true,
  "payload": {
    "created_on": "2020-10-26T08:44:15.621Z",
    "modified_on": "2020-10-26T08:44:16.023Z",
    "uuid": "60e9fa76-20e7-45ee-bf24-8c4a95143dad",
    "email": "abc@example.co.uk",
    "phone_number": null,
    "first_name": "John",
    "last_name": "Smith",
    "dob": null,
    "gmail_user_id": "107653031006300523703",
    "facebook_user_id": null,
    "apple_user_id": null,
    "wechat_user_id": null,
    "role": "User",
    "gender": null,
    "deleted_on": null,
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1dWlkIjoiNjBlOWZhNzYtMjBlNy00NWVlLWJmMjQtOGM0YTk1MTQzZGFkIiwiaWF0IjoxNjAzNzI2MzM4LCJleHAiOjE2MDM4MTI3Mzh9.uiBWYvx2Bb0zQjellXi4Y2C_DdEhhU6c6R6q979HBus"
  }
}

Code Examples

curl -X GET "https://api.stage.opentact.org/rest/auth" \
-H "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::get('https://api.stage.opentact.org/rest/auth', $headers);

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("GET", "https://api.stage.opentact.org/rest/auth", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

POST https://api.opentact.org/rest/token

This will create a new bearer token.

Request Body

Name

Type

Description

name

string

Name

ttl

integer

Time to live (min 60)

{
  "success": true,
  "payload": {
    "name": "string",
    "ttl": 60,
    "token": "7VLyaDSQ8W48IETeNBfxbBqwgwzWLTvFojSnLgiXP5X8NSoE",
    "expired_on": "2020-10-26T15:58:28.701Z",
    "uuid": "bac27d93-df33-4e47-b4a1-edfcae0d3654",
    "created_on": "2020-10-26T15:57:28.706Z",
    "modified_on": "2020-10-26T15:57:28.706Z"
  }
}

Code Examples

curl -X POST "https://api.opentact.org/rest/token" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN" \
-H  "Content-Type: application/json" -d "{\"name\":\"string\",\"ttl\":60}"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN',
    'Content-Type' => 'application/json'
);
$data = '{"name":"string","ttl":60}';
$response = Requests::post('https://api.opentact.org/rest/token', $headers, $data);

import requests

headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
    'Content-Type': 'application/json',
}

data = '{"name":"string","ttl":60}'

response = requests.post('https://api.opentact.org/rest/token', headers=headers, data=data)

var request = require('request');

var headers = {
    'accept': 'application/json',
    'X-Auth-Token': 'JWT_TOKEN',
    'Content-Type': 'application/json'
};

var dataString = '{"name":"string","ttl":60}';

var options = {
    url: 'https://api.opentact.org/rest/token',
    method: 'POST',
    headers: headers,
    body: dataString
};

function callback(error, response, body) {
    if (!error && response.statusCode == 200) {
        console.log(body);
    }
}

request(options, callback);

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"strings"
)

func main() {
	client := &http.Client{}
	var data = strings.NewReader(`{"name":"string","ttl":60}`)
	req, err := http.NewRequest("POST", "https://api.opentact.org/rest/token", data)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	req.Header.Set("Content-Type", "application/json")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Tokens

GET https://api.opentact.org/rest/token/list

This will return a list of tokens.

{
  "success": true,
  "payload": []
}

Code Examples

curl -X GET "https://api.opentact.org/rest/token/list" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::get('https://api.opentact.org/rest/token/list', $headers);

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("GET", "https://api.opentact.org/rest/token/list", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

PATCH https://api.opentact.org/token/{uuid}

TBD

Path Parameters

Name

Type

Description

uuid

string

Code Examples

Tokens

DELETE https://api.opentact.org/rest/token/all

This will delete all tokens

{
  "success": true,
  "payload": {}
}

Code Examples

curl -X DELETE "https://api.opentact.org/rest/token/all" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::delete('https://api.opentact.org/rest/token/all', $headers);

var fetch = require('node-fetch');

fetch('https://api.opentact.org/rest/token/all', {
    method: 'DELETE',
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("DELETE", "https://api.opentact.org/rest/token/all", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

Token

DELETE https://api.opentact.org/rest/token/{token}

This will delete a specific token

Path Parameters

Name

Type

Description

string

{
  "success": true,
  "payload": {
    "created_on": "2020-10-26T16:41:12.952Z",
    "modified_on": "2020-10-26T16:41:12.952Z",
    "token": "OVt9di1JqNEmrp2KbLPQ7yHuHb9EZ4yaw4pMS6pyWjuUeT7P",
    "name": "string",
    "expired_on": "2020-10-26T16:42:12.951Z"
  }
}

Code Examples

curl -X DELETE "https://api.opentact.org/rest/token/{JWT_TOKEN}" \
-H  "accept: application/json" -H  "X-Auth-Token: JWT_TOKEN"

<?php
include('vendor/rmccue/requests/library/Requests.php');
Requests::register_autoloader();
$headers = array(
    'accept' => 'application/json',
    'X-Auth-Token' => 'JWT_TOKEN'
);
$response = Requests::delete('https://api.opentact.org/rest/token/JWT_TOKEN', $headers);

var fetch = require('node-fetch');

fetch('https://api.opentact.org/rest/token/JWT_TOKEN', {
    method: 'DELETE',
    headers: {
        'accept': 'application/json',
        'X-Auth-Token': 'JWT_TOKEN'
    }
});

package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
)

func main() {
	client := &http.Client{}
	req, err := http.NewRequest("DELETE", "https://api.opentact.org/rest/token/JWT_TOKEN", nil)
	if err != nil {
		log.Fatal(err)
	}
	req.Header.Set("accept", "application/json")
	req.Header.Set("X-Auth-Token", "JWT_TOKEN")
	resp, err := client.Do(req)
	if err != nil {
		log.Fatal(err)
	}
	bodyText, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("%s\n", bodyText)
}

PreviousOpentact API Reference Sheet NextQuick Start guide

Last updated 5 years ago

hashtagPassing Authentication

hashtagThe Opentact API will require an API Key to authenticate requests.

hashtagMethods

hashtagAuth

hashtagCode Examples

hashtagToken

hashtagRequest Body

hashtagCode Examples

hashtagTokens

hashtagCode Examples

hashtagToken

hashtagPath Parameters

hashtagCode Examples

hashtagTokens

hashtagCode Examples

hashtagToken

hashtagPath Parameters

hashtagCode Examples

Passing Authentication

The Opentact API will require an API Key to authenticate requests.

Methods

Auth

Code Examples

Token

Request Body

Code Examples

Tokens

Code Examples

Token

Path Parameters

Code Examples

Tokens

Code Examples

Token

Path Parameters

Code Examples