Authentication
Before communicating with the API you need to authenticate. Concedus will provide you with your access data (username and password).
Use your access data to generate a session token with this method:
Generate Session Token
POST https://demo2.api.concedus.com/v2/auth/token
Headers
Content-Type*
String
application/json
Request Body
username*
String
your username
password*
String
your password
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnQiOiJvcGVuZGF0YVRpbWVsZXNzU3RhZ2luZyIsInhwX3Rva2VuIjoiXHUwMDAwSztcIkdcblpIPiVcdTAwMThcdTAwMWRcdTAwMTQtcWtoXGZ7XHUwMDAyXHUwMD...xmweP18-zD91MW-QY",
"exp": 1646842318,
"refreshToken": "fxURiLua3TXKZ+Kh.LqOCxdbNQ=="
}The generated accessToken is the bearer token that must be used in the header of all requests to the API. The token has a validity of 4 minutes and should be renewed automatically with every interaction.
Check if your session token is still valid with this method:
Check Session Token
GET https://demo2.api.concedus.com/v2/auth/check
Headers
Content-Type*
String
application/json
Authorization*
String
Bearer <token>
{
"exp": 1646842318
}Refresh Token
POST /v2/auth/refresh
To refresh your access token, you must submit a valid, authenticated refresh token to the designated endpoint. Once the refresh token is successfully validated, the server will issue a new access token. This process ensures continuous access without requiring users to re-authenticate frequently. It's crucial to securely store and transmit the refresh token to maintain the integrity of the authentication process.
Headers
Content-Type
application/json
Body
RefreshToken
string
refreshTokenResponse
{
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnQiOiJvcGVuZGF0YVRpbWVsZXNzU3RhZ2luZyIsInhwX3Rva2VuIjoiXHUwMDAwSztcIkdcblpIPiVcdTAwMThcdTAwMWRcdTAwMTQtcWtoXGZ7XHUwMDAyXHUwMD...xmweP18-zD91MW-QY",
"exp": 1646842318,
"refreshToken": "fxURiLua3TXKZ+Kh.LqOCxdbNQ=="
}{
"error": "Invalid request"
}Last updated