API Authentication
The authentication mechanisms are shared between all DTZ APIs. So all here described mechanisms are available for all APIs.
The authentication data can be carried through the following fields:
- bearer token
- cookie based
- api-key
- basic auth
Authenticating
Authentication is handled by the DTZ Identity service.
Possible Login scenarios:
WebUI
https://identity.dtz.rocks/login/
With HTTP Apikey Header
To authenticate with an api key, the api key has to be passed as header field X-API-KEY
.
Here is an example curl command:
curl -X GET "https://api.dtz.rocks/v1/me" -H "X-API-KEY: YOUR_API_KEY"
With HTTP Bearer Token
To authenticate with a bearer token, the token has to be passed as header field Authorization: Bearer YOUR_BEARER_TOKEN
.
Here an example how to get a bearer token:
> POST https://identity.dtz.rocks/api/2021-02-21/token/auth
> Content-Type: application/json
>
> {
> "username": "user",
> "password": "password"
> }
< {
< "access_token": "eyJhb...",
< "scope": "00000000-0000-0000-0000-000000000000",
< "token_type": "Bearer",
< "expires_in": 86400
< }
Here is an example how to use the bearer token:
curl -X GET "https://identity.dtz.rocks/api/2021-02-21/me" -H "Authorization: Bearer {bearer token}"
> GET https://identity.dtz.rocks/api/2021-02-21/me
> Authorization: Bearer eyJhb...
< {
< "roles": [ ]
< }
With HTTP Basic Auth Header
Here is an example curl command hor to use basic auth, to access the dtz API.
curl -X GET -u 'apikey:apikey-1234' "https://identity.dtz.rocks/api/2021-02-21/me"
With HTTP Cookie
Using the JWT token as cookie is also allowed. The token has to be passed in as cookie with the name dtz-auth
.
With Get Parameter
Sometimes, third party provider do not allow to set for any authnetication. For that case, an apikey can also be passed as get parameter with the name apiKey
.