Difference between revisions of "M2M REST API"

From WICE Wiki v2.92
Jump to navigation Jump to search
(Created page with "The M2M REST API offers a way of programmatically interact with the WICE portal. Only a subset of the functionalities in the portal GUI is available in the API but the long term goal is to have as many features as possible also available in the API. The API is available at https://wice.alkit.se/m2m/ (or by appending /m2m for each customer specific installation of wice) and a description of each available end point can be found at that URL. === Authentication === All en...")
 
Line 12: Line 12:
# Provide the token as the "auth-token" header to any request to a secured end point.
# Provide the token as the "auth-token" header to any request to a secured end point.


The token will be automatically be invalidated if it has not been used for 8 hours. The same token can also be used for multiple parallel requests.
The token will be automatically be invalidated if it has not been used for 8 hours. The same token can also be used for parallel requests.

Revision as of 10:06, 19 December 2024

The M2M REST API offers a way of programmatically interact with the WICE portal. Only a subset of the functionalities in the portal GUI is available in the API but the long term goal is to have as many features as possible also available in the API.

The API is available at https://wice.alkit.se/m2m/ (or by appending /m2m for each customer specific installation of wice) and a description of each available end point can be found at that URL.

Authentication

All end points (except the login end points) in the API are secured which means that a user needs to login and obtain an authentication token that has to be provided in each request to the secured end points.

To obtain a token the following steps have to be completed:

  1. Enable m2m access for the user of interest. This is done via the GUI and the Edit_User_Dialog.
  2. Provide the username and password to one of the login end points (https://wice.alkit.se/m2m/resource_AuthService.html) to get the token. There are currently two login end points available. One which returns the token as a header in the response, "auth-token". The other one returns the token as plain text. Some frameworks have the option to include response headers in subsequent requests which may make the first end point more convenient.
  3. Provide the token as the "auth-token" header to any request to a secured end point.

The token will be automatically be invalidated if it has not been used for 8 hours. The same token can also be used for parallel requests.