Password based authentication
Authentication to LRS Connect API uses OAuth 2.0.
- User can find access token and refresh token using password-based authentication.
- Data for inactive accounts will not be returned.
/rest/v4/oauth/token
Request
In order to receive tokens,
curl --location --request POST 'https://connect.lrsus.com/rest/v4/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"scope": "OFFLINE_ACCESS",
"userName": "username",
"password": "password",
"grantType": "PASSWORD"
}
'
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
var raw = JSON.stringify({"scope":"OFFLINE_ACCESS","userName":"username","password":"password","grantType":"PASSWORD"});
var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
redirect: 'follow'
};
fetch("https://connect.lrsus.com/rest/v4/oauth/token", requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
import http.client
conn = http.client.HTTPSConnection("connect.lrsus.com")
payload = "{\n \"scope\": \"OFFLINE_ACCESS\",\n \"userName\": \"username\",\n \"password\": \"password\",\n \"grantType\": \"PASSWORD\"\n}\n"
headers = {
'Content-Type': 'application/json'
}
conn.request("POST", "/rest/v4/oauth/token", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
#import <Foundation/Foundation.h>
dispatch_semaphore_t sema = dispatch_semaphore_create(0);
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"https://connect.lrsus.com/rest/v4/oauth/token"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:10.0];
NSDictionary *headers = @{
@"Content-Type": @"application/json"
};
[request setAllHTTPHeaderFields:headers];
NSData *postData = [[NSData alloc] initWithData:[@"{\n \"scope\": \"OFFLINE_ACCESS\",\n \"userName\": \"username\",\n \"password\": \"password\",\n \"grantType\": \"PASSWORD\"\n}\n" dataUsingEncoding:NSUTF8StringEncoding]];
[request setHTTPBody:postData];
[request setHTTPMethod:@"POST"];
NSURLSession *session = [NSURLSession sharedSession];
NSURLSessionDataTask *dataTask = [session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"%@", error);
dispatch_semaphore_signal(sema);
} else {
NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *) response;
NSError *parseError = nil;
NSDictionary *responseDictionary = [NSJSONSerialization JSONObjectWithData:data options:0 error:&parseError];
NSLog(@"%@",responseDictionary);
dispatch_semaphore_signal(sema);
}
}];
[dataTask resume];
dispatch_semaphore_wait(sema, DISPATCH_TIME_FOREVER);
Request Body
| Key | Description |
|---|---|
| scope | The scope of authentication. Provide scope as OFFLINE_ACCESS. |
| userName | The user name of the user. |
| password | The password of the user. |
| grantType | The authentication grant type. Provide authentication grant type as PASSWORD. |
Response 200 (application/json)
The response will contain a "Bearer" token that must be passed on subsequent requests. The token is valid for 3600 seconds by default. The response also contains a refresh token which can be used to fetch the bearer token again.
{
"tokenType": "Bearer",
"expiresIn": "3600",
"accessToken": "eyJraWQiOiJJQVE3czZMeFNmdW03SWFhYjNocEtiM0R5dGJta2Jic2dwUzVGRElnR2I4IiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULnJ4TUFpYmtBZEJiUHMtYzBlOERmWm5rZUZRU0lzc01WQk51R1RFSGhMVXcub2FyeTFyazI5R3dFbmtNWDEwaDYiLCJpc3MiOiJodHRwczovL2Rldi05MTA3NDEub2t0YXByZXZpZXcuY29tL29hdXRoMi9hdXNianF0YmVpRURlcjZRVDBoNyIsImF1ZCI6Imh0dHBzOi8vYXBpLnN0b3JtcGF0aC5jb20vdjEvYXBwbGljYXRpb25zLzVzdW10Z2h3cDZWTDZxR1NtQ3dUMmMiLCJpYXQiOjE2MTUzNjg2NTIsImV4cCI6MTYxNTM3MjI1MiwiY2lkIjoiMG9hYmpwNW4wYVFQVzNBR0UwaDciLCJ1aWQiOiIwMHVmcGE0ZtIn0.skBZEwFaKHTYCX10889fvJlFd9eLDmxSmiFm78_x7e-TpgxrXI6No-1FqYZ4eFgBLLaBB3Ljet1Ifj0feBvGiXT5RbmYk0MxtaCqq3MN-eEin5-D1WbEkC80NltXhkb8wyN_fyTUn8epFs_gec2DE4-TO99w4WVeKOMHeJacFks6TJby77mXrL8KmB5BOQsck3cEypkP6M5Lnwv5uc-sbL1GI5qB0VZwGPrhdDkRCywzDCIfmJyxvcrh9h0AgyVTjqa4B1OXAIoeFn71YAg9D-3vMvW1NIaBvoh3NRynGeJ3af6ZiIHPDLjPMLESKChw-L_GklbV2Iy1OAo0c7iBIQ",
"scope": "offline_access",
"refreshToken": "wZNBvgaPrP_SzjWvZd90Wpc5KmuC3xs18b32323230"
}
The token is passed as an Authorization header value.
| Header | Value | Description |
|---|---|---|
| Authorization | Example: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0MzU3N...FWFxGl3odgJ25T0O7kwq-hca2QDtSIWKUFHTpBNU97c | Concatenate value of "Bearer" and access_token returned from /rest/v3/oauth/token method. |
SSL
SSL is used to encrypt all requests to & from LRS Connect API.
Updated less than a minute ago