Authentication

Jexia provides you with safe access and flawless authentication to the resources that your application uses and to the users that use your application.

Currently, there are 2 authentication methods:

  • API Keys - API keys are used for applications to access your project
  • User Management Module - Lets users of the application access your project

You can use both authentication methods at the same time. Both methods use the (same) policy system to manage permissions in the project. For example, if you need your application to get access to your data, create API keys first and apply policies to manage the permissions of the key. Or if you need to provide your users access to your application, you can authenticate the users and set permissions for them.

Jexia authentication uses tokens: when you use an authentication method, you get a set of tokens back. Depending on the authentication method, a different set of credentials is needed. The returned 'access token' is used to make (most) API calls to Jexia. This access token has a limited lifetime, and when it has expired you need to use the refresh token to get a new (fresh) access token.

Authenticate

In order to obtain an access token, you need to make a POST request to the endpoint described in the example and provide the authentication method and the credentials. The response will contain an access token and a refresh token. Provide the access token in the Authorization header for all (most) of the requests you make.

Request

POST https://<project-id>.app.jexia.com/auth/

The request body depends on the authentication type:

For using the API key method, you need to set method to apk and the credentials consist of your key and your secret:

{
    "method":"apk",
    "key":"<your-key>",
    "secret":"<secret>"
}

For using the user management method, you need to set method to ums and the credentials consist of the user's email and password:

{
    "method"   : "ums",
    "email"    : "user@email.com",
    "password" : "userpassword"
}

Response

The response will provide you with an access_token and a refresh_token.

{
    "access_token": "<project-access-token>",
    "refresh_token": "<project-refresh-token>"
}

Refresh the token

The access token is a short-lived entity that expires. When (or just before) this happens the refresh token can be used to obtain a new access token. Note that a refresh token can be used only once, and a new one is returned after using it.

Request

An access token can be refreshed by making a POST request to:

POST https://<project-id>.app.jexia.com/auth/refresh

With the refresh token in the body:

{
    "refresh_token":"<project-refresh-token>"
}

Response

{
    "access_token": "<project-access-token>",
    "refresh_token": "<project-refresh-token>"
}
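
An added example, not part of the Jexia documentation or SDK: a small Python token holder for the API-key login and the refresh call described above. Because a refresh token can be used only once, it serializes refreshes and replaces both tokens together. `TokenStore`, `http_post` and `fake_jexia` (a constructed in-memory stand-in for the two endpoints) are hypothetical names, and the JSON Content-Type header is an assumption.

```python
import json
import threading
import urllib.request

def http_post(url, body):
    """POST a JSON body and return the decoded JSON response."""
    req = urllib.request.Request(
        url, data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenStore:
    """Holds the current access/refresh pair and rotates it under a lock."""

    def __init__(self, project_id, post=http_post):
        self._base = f"https://{project_id}.app.jexia.com/auth/"
        self._post = post  # injectable so the flow can run offline
        self._lock = threading.Lock()
        self._access = self._refresh = None

    def _store(self, resp):
        # Replace both tokens together: the old refresh token is now spent.
        self._access, self._refresh = resp["access_token"], resp["refresh_token"]
        return self._access

    def login_api_key(self, key, secret):
        with self._lock:
            return self._store(self._post(
                self._base, {"method": "apk", "key": key, "secret": secret}))

    def refresh(self, stale_access):
        """Callers pass the access token that expired; only one refresh is sent."""
        with self._lock:
            if stale_access != self._access:
                return self._access  # another caller already rotated the pair
            return self._store(self._post(
                self._base + "refresh", {"refresh_token": self._refresh}))

def fake_jexia():
    """Constructed stand-in endpoint that enforces single-use refresh tokens."""
    state = {"n": 0, "valid": None}
    def post(url, body):
        if url.endswith("/refresh") and body["refresh_token"] != state["valid"]:
            raise PermissionError("refresh token already used")
        state["n"] += 1
        state["valid"] = f"rt-{state['n']}"
        return {"access_token": f"at-{state['n']}", "refresh_token": state["valid"]}
    return post
```

Passing the expired access token to `refresh` is what lets a second thread that hit the same expiry reuse the already-rotated pair instead of replaying a spent refresh token.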