summaryrefslogtreecommitdiffstats
path: root/documentation/api/README.md
blob: d1e88e30c0c99d7321e958a6ec46f7bc2afe3a4d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

Getting Started

The Api can be called under the following address:

https://<domain_bss>/api/

The collections and resources are described in the Collections section.

Authorization

Some collections need authentication while other can be called without. To authenticate a request you have to send the json web token to the backend.\ There are two way to do so * Authorization Header\ Set the Bearer token in the Authorization header.

Authorization: Bearer <jsonwebtoken>

\<jsonwebtoken> - Full json web token in the form header.payload.signature.

  • Cookies\ To prevent that the Javascript code of the website has access to the full jwt the token is splitted in two seperate cookies.
  • jwt_hp - Normal cookie with the header and payload of the jwt as value.
  • jwt_s - HTTP only cookie with the signature as value.

To get the token use the login method from the api/authentication.

Return values

The API returns data always in JSON format. If the request was successfull it will return status code 200 and the requested data. * 200 - OK\ Request was successfull. Optional the response has an json object with the data included.

If a request is not successfull it will set a html status code and return a json object with a status and an error message included.

{
    "error": "",
    "message": ""
}