Authentication

Log in to Skyresponse Admin from an External System

To perform any operation in Skyresponse Admin you must have an access token.

To request the access token, do a POST request to the /api/token endpoint. This request must include the proper credentials (Username and Password) supplied to you by the Skyresponse administrator - note that the password should be at least 14 characters and not easy to guess. The access token will determine your permissions when calling the administrative API.

In the following examples we use the placeholders PUT_YOUR_USERNAME_HERE and PUT_YOUR_PASSWORD_HERE, which should be replaced with your actual credentials.

The signature of the HTTP request is as follows:

POST /api/token
Host: https://admin.skyresponse.com
Content-Type: application/x-www-form-urlencoded
Request body: username=PUT_YOUR_USERNAME_HERE&password=PUT_YOUR_PASSWORD_HERE&grant_type=password

You should receive an HTTP 200 OK response from the server if the credentials provided were correct:

{
  "access_token": "tkgY9yiM...plBp",
  "token_type": "bearer",
  "expires_in": 28800,
  "twoFactorAuthType": "none|google|sms"
}

Notice access_token and token_type. These values will be required in all later requests as authorization.

Notice expires_in. It indicates how long the token is valid in seconds. See below for token refresh.

Notice twoFactorAuthType. If it is a value other than none, it means that two-factor authentication is enabled for the user. In that case, the access token returned will only be valid to perform the second step of the two-factor authentication process. See section Two-factor authentication below for details.

If the wrong credentials were provided, the server will respond with an HTTP 400 Bad Request:

{
  "error": "invalid_grant",
  "error_description": "The user name or password is incorrect."
}

cURL example:

Example of log-in:

curl -X POST -d 'username=PUT_YOUR_USERNAME_HERE&password=PUT_YOUR_PASSWORD_HERE&grant_type=password' 'https://admin.skyresponse.com/api/token'

Two-factor authentication

For users with two-factor authentication enabled, a second step of authentication must be performed to get a complete access token. This means that after a successful request to the /api/token endpoint, another POST request must be made to the /api/2fa endpoint with a valid 6-digit onetime code. Depending on the user’s choice of two-factor authentication method, the onetime code will either be sent by SMS or generated as a time-based code in Google Authenticator.

Signature of example HTTP request to /api/2fa:

POST /api/2fa
Host: https://admin.skyresponse.com
Accept: application/json
Content-Type: application/json
Content-Length: 45

{ "AuthCode": "129849", "RememberMe": true }

Set RememberMe to true if you want to skip the two-factor authentication step when logging in for the next 14 days. A cookie named rememberme2fa will in that case be created and returned with the response. That cookie will then be checked in subsequent requests to /api/token from the same client/browser.

You should receive an HTTP 200 OK response from the server if the access_token (retrieved from /api/token) and the onetime code provided were correct:

{
  "data": {
    "access_token": "tkgY9yiM...plBp",
    "token_type": "bearer",
    "expires_in": 28800
  },
  "errors": null
}

If an invalid onetime code was provided, the response will be an HTTP 406 Not Acceptable:

{
    "data": null,
    "errors": [
        {
            "name": "TwoFactorInvalidOnetimeCode"
        }
    ]
}

Token refresh

The response attribute expires_in indicates how many seconds the returned token is valid. Before that time has elapsed, a new token needs to be fetched to not be logged out of the system. This is done with th

Signature of example HTTP request to api/accesstoken/refresh:

POST api/accesstoken/refresh
Host: https://admin.skyresponse.com
Authorization: Bearer tkgY9yiM...plBp

The Authorization header needs to carry the Bearer token as received previously. This will return a response in the same way as above, but with a new token with a new expiry time.

{
  "data": {
    "access_token": "tkgY9yiM...plBp",
    "token_type": "bearer",
    "expires_in": 28800
  },
  "errors": null
}
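
The login, two-factor and refresh steps above as a Python client skeleton. This is an added example, not Skyresponse's own code: it builds the requests and classifies the documented responses, so a caller never treats a first-step token as a full one. The function names, the REFRESH_MARGIN value and the use of a Bearer header on /api/2fa are assumptions.

```python
import json
from urllib.parse import urlencode
from urllib.request import Request

BASE = "https://admin.skyresponse.com"
REFRESH_MARGIN = 300  # assumed safety margin (seconds) before expires_in runs out

def token_request(username, password):
    # urlencode() escapes '&', '+', '=' and spaces, which a long random
    # password is likely to contain and which would corrupt a raw form body.
    form = urlencode({"username": username, "password": password,
                      "grant_type": "password"})
    return Request(BASE + "/api/token", data=form.encode(), method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})

def two_factor_request(first_step_token, code, remember_me=False):
    # Assumption: the first-step token travels as a Bearer header, as it does
    # for the refresh call. remember_me defaults to False so an unattended
    # integration does not hold a 14-day rememberme2fa cookie.
    body = json.dumps({"AuthCode": code, "RememberMe": remember_me})
    return Request(BASE + "/api/2fa", data=body.encode(), method="POST",
                   headers={"Content-Type": "application/json",
                            "Accept": "application/json",
                            "Authorization": "Bearer " + first_step_token})

def interpret(step, status, body, now):
    """Classify a response; step is 'token', '2fa' or 'refresh'.
    Returns (state, token, refresh_at) with refresh_at in the units of now."""
    doc = json.loads(body)
    if step == "token":
        if status != 200:
            return ("rejected:" + doc.get("error", "unknown"), None, None)
        grant = doc
    else:
        if status != 200 or doc.get("errors"):
            names = [e.get("name", "unknown") for e in doc.get("errors") or []]
            return ("rejected:" + ",".join(names or ["unknown"]), None, None)
        grant = doc["data"]
    token = grant["access_token"]
    if step == "token" and grant.get("twoFactorAuthType", "none") != "none":
        # This token is only good for /api/2fa; schedule no refresh for it.
        return ("needs_2fa", token, None)
    return ("authenticated", token, now + grant["expires_in"] - REFRESH_MARGIN)
```

Pass time.time() as now and send the returned Request objects with urllib.request.urlopen; keep the credentials out of command lines and logs.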