Searching...
  1. Help Center Home
  2. API
  3. Using the API
  4. Authentication

Authentication

Finding Your Authentication Credentials

Head to the backend of your website to obtain credentials:

  1. Login to the Worker Portal
  2. Search for App Authorizations and click on the menu link
  3. Click “Edit” under the actions column for the Authorization
  4. Credentials are located in the “Authorization Information” section (Reference below)
    1. When resetting your AuthPassword, you must submit at the bottom of the page to save the new AuthPassword

Please Note

  • Your Authorization Password is hashed and can only be reset (i.e. we cannot retrieve current, or past, authorization passwords since it is not stored in a plaintext format)
  • You should make note of the Authorization Password outside of your website on creation, or reset, to minimize disruptions
  • Your authentication credentials are sensitive information and should not be shared outside trusted third parties

Authentication Types

The Authentication Type is assigned at the Authorization level when setting up your App Authorization.  There are two Authentication Types available:

  • Default (JWT Bearer)
    • Authentication requests generate an authentication token, which expire after 7 days from creation
    • This is an authentication type of “Bearer Token” and must be passed with each corresponding HTTP request (excluding the Canary Endpoint)
    • There is no limit to the number of generated Bearer Tokens (i.e. you can authenticate and generate a Bearer Token as often as you’d like)
    • This method allows customer-specific pricing via the GenerateCustomerSession request.
  • Basic
    • Basic Authentication only requires the Authorization Username and Password to be passed for each API request

Default (JWT Bearer) Authentication Request

HTTP Method: POST

Endpoint: https://api.cimcloud.com/{sitename}/authenticate

Body (set the values obtained from the Finding Your Authentication Credentials section above):

{
"AuthKey": "xxxxxxxxxxx",
"AuthUserName": "xxxxxxxxxxx",
"AuthPassword": "xxxxxxxxxxx"
}

Successful Response:

{
"expiration": "2022-01-01T01:00:00Z",
"token": "xxxxxxxxxxx"
}

Session-Based Default (JWT Bearer) Authentication Request

HTTP Method: POST

Endpoint: https://api.cimcloud.com/{sitename}/authenticate

Body (set the values obtained from the Finding Your Authentication Credentials section above):

{
"AuthKey": "xxxxxxxxxxx",
"AuthUserName": "xxxxxxxxxxx",
"AuthPassword": "xxxxxxxxxxx",
"SessionUsername": "xxxxxxxxxxx"
}

Successful Response:

{
"expiration": "2022-01-01T01:00:00Z",
"token": "xxxxxxxxxxx",
"session": "xxxxxxxxxxx"
}

References

Using the API Authentication Api Framework Authorization Section

Was this article helpful

Yes No

Related Articles

Subscribe to receive email updates of what's new in the CIMcloud Help Center.