Long lived JSON Web Tokens

The API allows the creation of long lived JSON Web Tokens (JWTs) which can be used to automate other tasks or for accessing other exposed APIs.

To generate this tokens it is required to:

1. Issue an HTTP request to obtain the token

2. Pass this token on the URL of the other requests through the apiToken query string parameter

Issue an HTTP request to obtain the token.

curl -X 'POST' \
'https://<CONNECTWARE HOST>/api/login' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-k \
-d '{
"username": "<A USERNAME>",
"password": "<A PASSWORD>",
"expireTimeInHours": 99999,
"label": "test-token"
}'

This will return a JSON response with a token property which contains the JWT holding the authentication claims for the user.

Pass this token on the URL of the other requests through the apiToken query string parameter.

curl -k --location --request GET https://<CONNECTWARE HOST>/api/users?apiToken=<TOKEN OBTAINED IN PREVIOUS STEP HERE>

Browser Authentication

In order to authenticate users on the browser using the aforementioned token, simply enter the following address:

https://<CONNECTWARE HOST>/admin?apiToken=<TOKEN>

And if you wish the browser to redirect elsewhere with-in Connectware once authenticated (useful for Cybus::IngressRoute resources) use:

https://<CONNECTWARE HOST>/admin?redirect=<REDIRECTION URL>&apiToken=<TOKEN>

Example:

https://<CONNECTWARE HOST>/admin?redirect=/services/foo/bar&apiToken=barFoo

Note on Security

A JWT provides access to Connectware with the same permissions as the user who generated it so it should be handled following good security practices. Ideally these tokens should be always generated by users with as many permission levels as required and not more.

In future Connectware versions the Admin-UI will add support for creating these tokens too.