Commit fffc0d2a authored by Daniel Gerhardt's avatar Daniel Gerhardt

APi dev docs

parent 2df5cd50
Pipeline #30344 passed with stages
in 2 minutes and 8 seconds
......@@ -87,3 +87,4 @@ The current build status for the master branch:
* [Layers](development/layers.md)
* [Caching](development/caching.md)
* [Event System](development/event-system.md)
* [API](development/api.md)
# API
## Authentication
The ARSnova API uses _JSON Web Tokens_ to authenticate users statelessly.
To receive a JWT initially, a client has to login using an endpoint specific for the authentication provider.
As response a JSON object containing the JWT is sent:
```json
{
"userID": "fe5d046b30c64e3e931094865d3415c4",
"loginId": "arsnova-user@example.com",
"authProvider": "ARSNOVA",
"token": "eyJ0eXAiOi...eLvinH9rZ0"
}
```
To get authorization to API endpoints the JWT is sent as part of HTTP Basic Authentication with `Bearer` scheme as described in
[RFC 6750](https://tools.ietf.org/html/rfc6750).
The `Authorization` header is set for all further requests:
```
Authorization: Bearer eyJ0eXAiOi...eLvinH9rZ0
```
## REST Endpoints
## Query Endpoint
## Management Endpoints
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment