JWT Tokens
A guide on using JSON Web Tokens with the NetSapiens API
What follows is a brief guide to using JWTs on our platform, but first a little background, just in case:
JSON Web Tokens (JWTs) are a compact, self-contained way to securely transmit information between parties as a JSON object. Let me break down how they work and how you can use them in your applications.
What is a JWT?
A JWT is essentially a string that has three parts separated by dots:
eyJhbGcirandomkeyboardmashingCI6IkpXVCJ9.
eyJzdWIiOiIxMjM0NmorekeyboardmashinggRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.
SflKxwRJSMeKKFthirdmashupOk6yJV_adQssw5c
These three parts are:
Header - Contains the type of token and the signing algorithm being used
Payload - Contains the data being transferred
Signature - Used to verify the token hasn't been tampered with
When to Use JWTs
JWTs are perfect for:
Authentication: After a user logs in, subsequent requests will include the JWT
Authorization: Once logged in, the JWT tells the server what the user is allowed to do
Information Exchange: Securely transferring data between parties
Requesting JWTs through the NS API
Here is an example of how to request a JWT through the API, in this case using a username and password:
Requesting a JWT (cURL version):
curl --location --request POST 'https://{{your_URL}}/ns-api/v2/jwt' \
--header 'User-Agent: {{your user agent}} (https://{{your_URL.com}})' \
--header 'Content-Type: application/json' \
--header 'Accept: */*' \
--header 'Host: {{your host domain}}' \
--header 'Connection: keep-alive' \
--data-raw '{
"grant_type": "password",
"client_id": "",
"client_secret": "",
"username": "{{sub_login}}",
"password": "{{user_password}}"
}'
You can test this out in our docs pages here: https://docs.ns-api.com/reference/post_tokens
For more information on the client_id and client_secret please see our general documentation site here: https://documentation.netsapiens.com/passwords/how-to-create-a-client-id-and-client-secret
Updated about 1 month ago