Authenticate App

Authenticate extension app with a public key. See also: Application Authentication in the Client Extension API documentation.

Authenticate extension app with public key

Based on an authentication request token signed by the caller's RSA private key, authenticate the API caller and return a session token.

A HTTP 401 Unauthorized error is returned on errors during authentication (e.g. invalid user, malformed authentication token, user's public key not imported in the pod, invalid token signature etc.).

POST//yourpodURL.symphony.com/login/v1/pubkey/app/authenticate/extensionApp
Body
appTokenstring

application generated token

authTokenstring

a JWT containing the caller's username and an expiration date, signed by the caller's private key.

Response

OK.

Body
appIdstring

Application ID

appTokenstring

This token generated by the application when calling authentication endpoint

symphonyTokenstring

This token generated by Symphony and should be used by the application to verify that it's talking to Symphony.

expireAtinteger (int64)

unix timestamp when the token expired

Request
const response = await fetch('//yourpodURL.symphony.com/login/v1/pubkey/app/authenticate/extensionApp', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();
Response
{
  "appId": "text",
  "appToken": "text",
  "symphonyToken": "text",
  "expireAt": 0
}

Last updated