App Authentication

Authenticates an OBO app using the application's saved RSA public key.

Authenticate an App with public key

Based on an authentication request token signed by the application's RSA private key, authenticate the API caller and return a session token.

An HTTP 401 Unauthorized error is returned on errors during authentication (e.g. invalid app, malformed authentication token, app's public key not imported in the pod, invalid token signature, etc.).

POST //yourpodURL.symphony.com/login/pubkey/app/authenticate
Body
token (string)

A JWT containing the caller's username or application appGroupId and an expiration date, signed by the caller's private key.

Response

OK.

Body
name (string)

The name of the header in which the token should be presented on subsequent API calls.

token (string)

Authentication token that should be passed as a header in each REST API call. This should be considered opaque data by the client. It is not intended to contain any data interpretable by the client. The format is secret and subject to change without notice.

authorizationToken (string)

(Beta) Short-lived access token built from a user session. This field is still in Beta; please continue using the returned "token" instead.

Request
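// signedJwt is a placeholder for the authentication request JWT described under Body,
// signed with the app's RSA private key.
const response = await fetch('//yourpodURL.symphony.com/login/pubkey/app/authenticate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({ token: signedJwt }),
});
// Authentication failures are reported as HTTP 401 Unauthorized.
if (!response.ok) {
    throw new Error(`Authentication failed with HTTP ${response.status}`);
}
const data = await response.json();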
Response
{
  "name": "text",
  "token": "text",
  "authorizationToken": "text"
}

📘 Requirements

This authentication requires the app to be enabled and to have at least one RSA Public key registered. For more information, refer to Create an RSA Key Pair.
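
How the `token` request field can be produced, as an added example (not Symphony's own code): it signs an authentication request JWT with an RSA private key and runs local checks that mirror the 401 cases listed above. The RS512 algorithm, the `sub` claim name, the 290-second lifetime, the app ID and the throwaway 2048-bit key pairs are assumptions or constructed values, not taken from this page.

```javascript
// Added example: builds and checks an authentication request JWT offline.
const crypto = require('node:crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');

// Sign the authentication request with the app's RSA private key.
// Assumptions (not stated on this page): RS512 and the "sub" claim name.
function buildAuthRequestToken(appId, privateKey, nowSec, lifetimeSec = 290) {
  const header = b64url(JSON.stringify({ alg: 'RS512', typ: 'JWT' }));
  const claims = b64url(JSON.stringify({ sub: appId, exp: nowSec + lifetimeSec }));
  const signingInput = `${header}.${claims}`;
  const signature = crypto.sign('sha512', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${signature.toString('base64url')}`;
}

// Local stand-in for the checks behind the 401 cases listed above:
// malformed token, invalid signature, expired token.
function checkAuthRequestToken(token, publicKey, nowSec) {
  const parts = token.split('.');
  if (parts.length !== 3) return 'malformed';
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch { return 'malformed'; }
  // Pin the algorithm instead of trusting the header's "alg" value.
  if (header?.alg !== 'RS512') return 'malformed';
  const ok = crypto.verify('sha512', Buffer.from(`${parts[0]}.${parts[1]}`),
    publicKey, Buffer.from(parts[2], 'base64url'));
  if (!ok) return 'invalid signature';
  if (typeof claims?.exp !== 'number' || claims.exp <= nowSec) return 'expired';
  return 'ok';
}

// Constructed sample data: throwaway key pairs and a hypothetical app ID.
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const appKeys = newKeyPair();
const otherKeys = newKeyPair();
const now = Math.floor(Date.now() / 1000);
const token = buildAuthRequestToken('example-app-id', appKeys.privateKey, now);

// JSON body for POST /login/pubkey/app/authenticate.
const requestBody = JSON.stringify({ token });
console.log(checkAuthRequestToken(token, appKeys.publicKey, now));   // registered key
console.log(checkAuthRequestToken(token, otherKeys.publicKey, now)); // key not registered
```

Keep the private key out of client-side code and source control; only the public half is registered for the app.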
