Obtain JWT authentication token using Cookie SSO
/services/v2/auth/cookiesso/token.json
Request
POST /services/v2/auth/cookiesso/token.json
Header AnswerHubCookieSSO=cookie_value
Response
{ "jwt": "jwt_value"}
Permissions & Notes:
The user making the API request must have been granted the "Use API" role, found under the "other roles" permissions. Subsequent API calls made with the JWT remain subject to that user's permissions for the particular call being made.
We added this endpoint in version 2.18.0.
Sample Request
Use cookie-sso auth to get a token:
curl -H "Cookie: ssoCookieName=ssoCookieValue" -H "Accept: application/json" -H "Content-type: application/json" -X POST "https://hostname/services/v2/auth/token.json"
ssoCookieName - The cookie name configured in the Admin -> Users & Groups -> Settings -> SSO Authentication -> Cookie Handling page
ssoCookieValue - The cookie value used to authenticate users, as configured in the SSO Authentication configuration
hostname - The hostname for the AnswerHub instance
Use the token to execute a GET:
curl -H "Accept: application/json" -H "Content-type: application/json" -H "Authorization: Bearer idToken" -X GET "https://hostname/services/v2/user.json"
idToken - The authentication token retrieved from the call above
hostname - The hostname for the AnswerHub instance
Expected Response
Successful Response:
- HTTP Status 200 - OK is returned with the JWT in the payload when the cookie identifies a valid user
Unsuccessful Responses:
- HTTP Status 400 - Bad Request is returned when no cookie is specified or the cookie is ill-formatted
- HTTP Status 401 - May be returned on subsequent API calls made with the token if the user does not have the USE_API permission or lacks the specific permissions required for the API action.
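The two-step flow above as a small POSIX shell script, added here as an example and not taken from AnswerHub's own documentation or code. It uses the endpoint path from the Request section, maps the status codes listed under Expected Response, and passes the cookie and token to curl through a config read from stdin (-K -) rather than on the command line. The function names and the SSO_COOKIE_NAME / SSO_COOKIE_VALUE environment variables are assumptions, and the values are assumed to contain no double quote or backslash.

```shell
# Added example. SSO_COOKIE_NAME / SSO_COOKIE_VALUE and the function names are
# assumptions; values must not contain a double quote or backslash.

# Interpret the token endpoint's reply; prints the JWT on success.
parse_token_reply() { # parse_token_reply STATUS BODY
  case "$1" in
    200)
      # Documented body: { "jwt": "jwt_value"}
      ptr_jwt=$(printf '%s' "$2" |
        sed -n 's/.*"jwt"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')
      [ -n "$ptr_jwt" ] || { echo "200 but no jwt in body" >&2; return 3; }
      printf '%s\n' "$ptr_jwt" ;;
    400) echo "400: SSO cookie missing or ill-formatted" >&2; return 1 ;;
    *)   echo "unexpected status $1 from token endpoint" >&2; return 4 ;;
  esac
}

# Interpret the status of a later API call made with the bearer token.
check_api_status() { # check_api_status STATUS
  case "$1" in
    200) return 0 ;;
    401) echo "401: user lacks Use API or the call's own permission" >&2
         return 2 ;;
    *)   echo "unexpected status $1" >&2; return 4 ;;
  esac
}

# Send one request. The secret header reaches curl via a config on stdin
# (-K -), so it is not visible in the process list. Output: body, then status.
send() { # send METHOD URL HEADER
  printf 'header = "%s"\n' "$3" |
    curl -sS -K - -X "$1" -H "Accept: application/json" \
      -H "Content-type: application/json" -w '\n%{http_code}' "$2"
}

get_token() { # get_token HOSTNAME
  gt_reply=$(send POST "https://$1/services/v2/auth/cookiesso/token.json" \
    "Cookie: $SSO_COOKIE_NAME=$SSO_COOKIE_VALUE") || return 5
  parse_token_reply "$(printf '%s\n' "$gt_reply" | tail -n 1)" \
                    "$(printf '%s\n' "$gt_reply" | sed '$d')"
}

get_user() { # get_user HOSTNAME JWT
  gu_reply=$(send GET "https://$1/services/v2/user.json" \
    "Authorization: Bearer $2") || return 5
  check_api_status "$(printf '%s\n' "$gu_reply" | tail -n 1)" || return $?
  printf '%s\n' "$gu_reply" | sed '$d'
}
```

Keep the returned JWT in a shell variable and pass it straight to get_user; echoing it into logs or shell history exposes a credential that carries the user's API permissions.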
Community User Interface Result
Actions in the UI will relate to the corresponding API executed with the token.
No UI activity is expected from the token request itself.