search

Authentication

Before communicating with the API you need to authenticate. Concedus will provide you with your access data (username and password).

Use your access data to generate a session token with this method:

hashtag
Generate Session Token

POST https://demo2.api.concedus.com/v2/auth/token

hashtag
Headers

Name
Type
Description

Content-Type*

String

application/json

hashtag
Request Body

Name
Type
Description

username*

String

your username

password*

String

your password

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnQiOiJvcGVuZGF0YVRpbWVsZXNzU3RhZ2luZyIsInhwX3Rva2VuIjoiXHUwMDAwSztcIkdcblpIPiVcdTAwMThcdTAwMWRcdTAwMTQtcWtoXGZ7XHUwMDAyXHUwMD...xmweP18-zD91MW-QY",
  "exp": 1646842318,
  "refreshToken": "fxURiLua3TXKZ+Kh.LqOCxdbNQ=="
}

The generated accessToken is the bearer token that must be used in the header of all requests to the API. The token has a validity of 4 minutes and should be renewed automatically with every interaction.

Check if your session token is still valid with this method:

hashtag
Check Session Token

GET https://demo2.api.concedus.com/v2/auth/check

hashtag
Headers

Name
Type
Description

Content-Type*

String

application/json

Authorization*

String

Bearer <token>

hashtag
Refresh Token

POST /v2/auth/refresh

To refresh your access token, you must submit a valid, authenticated refresh token to the designated endpoint. Once the refresh token is successfully validated, the server will issue a new access token. This process ensures continuous access without requiring users to re-authenticate frequently. It's crucial to securely store and transmit the refresh token to maintain the integrity of the authentication process.

Headers

Name
Value

Content-Type

application/json

Body

Name
Type
Description

RefreshToken

string

Response

PreviousGeneralNextChangelog

Last updated