Access Using JWT and API Key
From DreamFactory
Toddappleton (Talk | contribs) |
|||
| Line 1: | Line 1: | ||
| − | |||
| − | |||
You can consume DreamFactory 2.0 APIs by providing the combination of JWT and API Key. This is more appropriate in case | You can consume DreamFactory 2.0 APIs by providing the combination of JWT and API Key. This is more appropriate in case | ||
of a non-admin user. When consuming APIs using JWT and application API Key, access is limited by the role assigned to the | of a non-admin user. When consuming APIs using JWT and application API Key, access is limited by the role assigned to the | ||
Revision as of 20:08, 22 June 2016
You can consume DreamFactory 2.0 APIs by providing the combination of JWT and API Key. This is more appropriate in case of a non-admin user. When consuming APIs using JWT and application API Key, access is limited by the role assigned to the user for the application of the API Key being used. Admin users always have access to all APIs using just the JWT.
API Endpoints
{Method} https://{url}/api/v2/{service}/{resource}?session_token={JWT}&api_key={api-key}
-- OR --
{Method} https://{url}/api/v2/{service}/{resource}
Request header
...
X-DreamFactory-Session-Token: {JWT}
X-DreamFactory-Api-Key: {api_key}
...
Example - Using URL parameter
- Service: system
- Resource: user
- Session Token: abc.123.efg
- API Key: abc123efg
- Method: GET
- Request URL:
GET https://foo.com/api/v2/system/user?session_token=abc.123.efg&api_key=abc123efg
Example - Using request header
- Service: system
- Resource: user
- Session Token: abc.123.efg
- API Key: abc123efg
- Method: GET
- Request Header:
... X-DreamFactory-Session-Token: abc.123.efg X-DreamFactory-Api-Key: abc123efg ...
- Request URL:
GET https://foo.com/api/v2/system/user
