API Authentication

last updated: 2024-09-23

The authentication mechanisms are shared between all DTZ APIs, so every mechanism described here is available for every API.

The authentication data can be carried through the following fields:

  • bearer token
  • cookie based
  • api-key
  • basic auth

Authenticating

Authentication is handled by the DTZ Identity service.

Possible Login scenarios:

WebUI

https://identity.dtz.rocks/login/

With HTTP Apikey Header

To authenticate with an api key, the api key has to be passed as header field X-API-KEY.

Here is an example curl command:

curl -X GET "https://api.dtz.rocks/v1/me" -H "X-API-KEY: YOUR_API_KEY"

With HTTP Bearer Token

To authenticate with a bearer token, the token has to be passed as header field Authorization: Bearer YOUR_BEARER_TOKEN.

Here is an example of how to get a bearer token:

> POST https://identity.dtz.rocks/api/2021-02-21/token/auth
> Content-Type: application/json
>
> {
>  "username": "user",
>  "password": "password"
> }

< {
<   "access_token": "eyJhb...",
<   "scope": "00000000-0000-0000-0000-000000000000",
<   "token_type": "Bearer",
<   "expires_in": 86400
< }

Here is an example of how to use the bearer token:

curl -X GET "https://identity.dtz.rocks/api/2021-02-21/me" -H "Authorization: Bearer {bearer token}"

> GET https://identity.dtz.rocks/api/2021-02-21/me
> Authorization: Bearer eyJhb...

< {
<   "roles": [ ]
< }

With HTTP Basic Auth Header

Here is an example curl command showing how to use basic auth to access the DTZ API.

curl -X GET -u 'apikey:apikey-1234' "https://identity.dtz.rocks/api/2021-02-21/me"

Using the JWT token as a cookie is also allowed. The token has to be passed as a cookie with the name dtz-auth.

With Get Parameter

Sometimes third-party providers do not allow any authentication to be set. In that case, an API key can also be passed as a GET parameter with the name apiKey.
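
Because a DTZ credential can travel in a header, a cookie or the query string, anything that logs requests has to mask all of those places, not just the Authorization header. The following log scrubber is an added example, not DTZ code; the function names, the mask string and the sample values are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

MASK = "[REDACTED]"                      # assumption: any fixed marker works
AUTH_HEADERS = {"x-api-key", "authorization"}  # API key, Bearer and Basic auth
AUTH_COOKIE = "dtz-auth"                 # cookie name given on this page
AUTH_QUERY_PARAM = "apiKey"              # GET parameter name given on this page


def redact_url(url):
    """Mask the apiKey query parameter, leaving every other parameter intact."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    # Compare case-insensitively: over-masking is cheaper than leaking a key.
    masked = [(k, MASK if k.lower() == AUTH_QUERY_PARAM.lower() else v)
              for k, v in pairs]
    query = urlencode(masked, safe="[]")  # keep the marker readable in logs
    return urlunsplit((parts.scheme, parts.netloc, parts.path, query, parts.fragment))


def redact_headers(headers):
    """Return a copy of the header dict with all credential carriers masked."""
    clean = {}
    for name, value in headers.items():
        lname = name.lower()
        if lname == "authorization":
            # Keep the scheme so the log still shows Bearer vs. Basic.
            scheme, sep, _ = value.partition(" ")
            clean[name] = f"{scheme} {MASK}" if sep else MASK
        elif lname in AUTH_HEADERS:
            clean[name] = MASK
        elif lname == "cookie":
            pattern = rf"(?i)(\b{re.escape(AUTH_COOKIE)}=)[^;]*"
            clean[name] = re.sub(pattern, rf"\g<1>{MASK}", value)
        else:
            clean[name] = value
    return clean


if __name__ == "__main__":
    # Constructed sample request; the credential values are made up.
    print(redact_url("https://api.dtz.rocks/v1/me?apiKey=apikey-1234&page=2"))
    print(redact_headers({
        "X-API-KEY": "apikey-1234",
        "Authorization": "Bearer eyJhb.constructed",
        "Cookie": "theme=dark; dtz-auth=eyJhb.constructed; lang=en",
    }))
```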