A direct gRPC request can be anonymous. If an HTTP request is made to a web server, then it is necessary to use the Basic authorization type, since the anonymous requests to the web server are prohibited. |
Request body:
{
"method": "axxonsoft.bl.auth.AuthenticationService.AuthenticateEx",
"data": {
"user_name" : "root",
"password" : "root"
}
} |
Response example:
{
"token_name": "auth_token",
"token_value": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIqLioiLCJleHAiOjE2MDUxOTIxMDcsImlhdCI6MTYwNTE3NzcwNywiaXNzIjoiVi1CRUxZQUtPViIsImxnbiI6InJvb3QiLCJybHMiOlsiOTc0NWI5MDItMmEzNi00MDM1LWJkZDYtMDEyZTBkYWU2NmMwIl0sInNpZCI6Ijk3YjA3ZWQ0LTEzOTctNGFiNC1iZjZiLWQwNTUwYmM1YjcwMSIsInN1YiI6IjMyOGUzODc0LTRhMzMtOWRkMS0yOWViLTQ0YzM3YTQ0MTIxYyJ9.nkqap2aosAafD41vPIICJjIaVCWwGnC1nZRFrPWkt8JpgUnQsxAaZMa1UwIdsTicnH9vWeq6laQgmRJagVnWcunjoJ6wHWptwfk-pGT49YE9V1_PMT_1f3wQoc8Hl5a118DXECQc2lcu56U0H74C9PBc2Xmh-8fbvaWws65y0Ly4rDbwEWdMd-0ocnnErpSiFOr-XEnok9PIVXo_mjgWsg1zxBlgijWqA4jVoQdfBvKzGpTFLxXgguDvCDZQyF3LfpxtjB1jNsZgaFHzxPkloLeq2eQ8TY2Y1g4BDDNW2QU-Ee-DhWoKIMrRWWhsbHLDMNC2sNpNVw0MMMEYSjDyng",
"expires_at": "20201112T144147",
"is_unrestricted": true,
"user_id": "328e3874-4a33-9dd1-29eb-44c37a44121c",
"roles_ids": [
"9745b902-2a36-4035-bdd6-012e0dae66c0"
],
"error_code": "AUTHENTICATE_CODE_OK"
} |
where
token_value − a Bearer token. The received token should be used in the metadata of the gRPC request. The HTTP requests should be made with the Bearer authorization type using the received token.
expires_at − token expiration date and time in the UTC time zone.
Request body:
{
"method": "axxonsoft.bl.auth.AuthenticationService.RenewSession",
"data":
{
}
} |
The response will be the same as the response to the receive token request.
The token should be active at the time of the request. |
Request body:
{
"method": "axxonsoft.bl.auth.AuthenticationService.CloseSession",
"data":
{
}
} |
Response example:
{
"error_code": "OK"
} |