Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

https://jwt.io

Introduction

This documentation walks through how to connect a client system to the School Info API. We'll use the free tool Postman to test your credentials and view example responses.

You should be familiar with RESTful API concepts.

Credentials & Access

If you haven't done so already, now is the time to get your credentials from ContactUs@ScholarSnapp.org. Even if you're already a Scholar Snapp API client, you will need credentials specifically provided for this system.

The system uses JSON Web Token (JWT) authentication. If you're reading this, you're probably familiar with JWT, but, if not, it's RFC 7519, with a pretty good overview here and a Wikipedia entry chock full of references to further information here.

You'll be issued a Client ID and a Client Secret.

Connection Quick Start

Connecting to the API is straightforward. If you've used RESTful APIs and JWTs, the steps will look familiar. The steps are:

Detail on each step follows.

Step 1. Use your Credentials to Obtain a Token

Many code libraries provide a method to access a JWT token. We'll go through the steps so you can see what's going on. The initial call to request a token is a POST of your credentials to the /api/authApp endpoint:

POST       {{ server }}/api/authApp
Header:    Content-Type: application/json

POST to Obtain JWT
{
     "clientid": "your-clientid-here",
     "secret": "Y0ur_ap1_s3cr3t_h3r3"
}

Presuming your credentials are valid, you'll receive back a JWT:

JWT Reply
{
    "success": true,
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6InlvdXItY2xpZW50LWlkLWhlcmUiLCJjbGllbnROYW1lIjoiWTB1cl9hcDFfczNjcjN0X2gzcjMiLCJpYXQiOjE1NjAxMDUzMjUsImV4cCI6MTU2MDE5MTcyNX0.p9VCJcxSqsTSugNe3ewlDGDPrKTNOAF3QgYlMi4jq-8"
}

Usage notes:

  • You'll use the token value in subsequent calls, sending the value inside an authToken header.
  • As with many JWT implementations, the token contains the expiration value in an "exp" field. The documentation and debugger at jwt.io are helpful if you're new to JWT. Use the token example above to see what's contained in the School Info API JWT.

Step 2. Call the API Using your Token

Once you have a valid JWT, you can call the API.

Step 3. Review the Results

T


Next Steps

...Links to More Documentation, Swagger advice if applicable, etc. ...

Page Contents:

Site Contents:

  • No labels