Академический Документы
Профессиональный Документы
Культура Документы
This service checks if OAuth2 authentication is enabled on the selected hostname and returns the authorization server hostname.
URL structure
Parameters
Sample request
Response Fields
enabled Boolean 1
Sample response
{"uri":"https://sso-au1.aconex.com:443","enabled":true}
Prerequisites
None
Constraints
Related APIs
This request is done in an Internet Browser for security reasons. After successful authorization by the user this request returns an access code
that can be exchanged into an access token.
URL structure
Parameters
email String 0..1 User email address. Only used for SSO enabled accounts.
Sample request
Response Fields
code String(40) 0..1 Valid for 60 seconds. Available if authentication was successful.
Sample response
Error 400 Invalid redirect_uri Problem accessing /as/authorization.oauth2. Reason: Invalid redirect_uri 400
Error 400 Unknown or invalid Problem accessing /as/authorization.oauth2. Reason: Unknown or invalid client_id 400
client_id
NO_UNIQUE_USER_FOUND Returned if provided email doesn’t exist or there are multiple users found for specified 302
email.
Note: Responses with Http Status Code 302 is returned to the specified return uri, see sample above.
Prerequisites
Valid client id and return uri. For SSO (Single Sign On) requests, valid email is needed.
Constraints
Related APIs
URL structure
Note: The “auth server hostname” can be retrieved using the API service “Get OAuth Status”
Interface
If the optional field “client_secret” is used, it needs to be added through a request header together with the “client_id”. The two fields are Base64
encoded using “client_id” as username and the “client_secret” as password. Use the header key “Authorization”. If this header is provided, the
“client_id” as request field can be omitted.
Sample Header
Request Fields
client_id String 0..1 Same used retrieving the code. Omitted if used with client_secret header.
code String(40) 1
Sample request
Response Fields
refresh_token String(42) 1
access_token String(481) 1
Sample response
{"token_type":"Bearer","expires_in":86399,"refresh_token":"y3KZkGwvP4CCnXBkHqUoDXuRHkO4NyLP0QIRM5WQDE","access_token":"eyJhbGciOiJSUzI1N
Prerequisites
Constraints
Related APIs
URL structure
Interface
If the optional field “client_secret” is used, it needs to be added through a request header together with the “client_id”. The two fields are Base64
encoded using “client_id” as username and the “client_secret” as password. Use the header key “Authorization”. If this header is provided, the
“client_id” as request field can be omitted.
Sample Header
Request Fields
refresh_token String(42) 1
Sample request
refresh_token String(42) 1
access_token String(481) 1
Sample response
{"token_type":"Bearer","expires_in":86399,"refresh_token":"y3KZkGwvP4CCnXBkHqUoDXuRHkO4NyLP0QIRM5WQDE","access_token":"eyJhbGciOiJSUzI1N
Prerequisites
Constraints
None
Related APIs