Creating Application Tokens

Users who are logged in can create an application_token via POST request to /api/v1/application_token.

POST https://portal.whereversim.com/api/v1/application_token

Request header

Authorization: Bearer kNTktNTA1My00YzdhLT...

Request body

{
  "description": "Token with expiry date",
  "expiry_date": "2021-05-29"
}

Response

{
  "application_token": "KAOp24TuMgjO2FpZmZ3ZFjSqpk7ea_mY8..."
}

The application token can then be used instead of the user/password combination and can be revoked at any time.

Authenticating with an Application Token

The /api/v1/authenticate API is used to generate a JWT auth_token which authenticates subsequent API calls. The application_token is created via POST request to /api/v1/application_token

POST https://portal.whereversim.com/api/v1/authenticate

Request body

{
  "application_token": "kNTktNTA1My00YzdhLT..."
}

Response

{
  "auth_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Unlike user and password authentication, only an auth_token is returned by the server and no refresh_token will be included in the response.