Learn how to authenticate with the Expansive API to begin automating tasks.
The Expansive API uses Bearer authentication to control access to protected resources.
Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. The name “Bearer authentication” can be understood as “give access to the bearer of this token.” The bearer token is a cryptic string, usually generated by the server in response to a login request. The client must send this token in the Authorization header when making requests to protected resources.
To retrieve a bearer token, issue a POST request to the following resource:
/access_token?email=<API_USER_EMAIL>&password=<API_USER_PASSWORD>&name=<API_USER_NAME>
If successful, a new access token will be created. You should see a 201 response code, and a response body similar to:
{
    "data": {
        "token": "5|IVEZPfwiApMtdIyJLB3J8RWYhZlNVdEexsYKITOO",
        "user_id": 2,
        "force_password_change": false
    }
}
Capture the token from the response data. You'll need to send it in the Authorization header with any other requests made to the Expansive API:
Authorization: Bearer <TOKEN>
If you wish to invalidate a token, you can do so at any point by issuing a DELETE request to
/access_token
with the above Authorization header set.
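The token lifecycle described above (request, use, invalidate), as an added Python example that is not part of the Expansive documentation. BASE_URL, the credentials and the sample response body are constructed placeholders; the parameters are URL-encoded because they travel in the query string, and redact() strips that query string before a URL is logged.

```python
import json
import urllib.parse
import urllib.request

# Placeholder base URL (assumption): the page does not give the API host.
BASE_URL = "https://expansive.example.invalid/api"

# Constructed sample of the 201 response body, shaped like the one on the page.
SAMPLE_BODY = '{"data": {"token": "1|CONSTRUCTED-SAMPLE-TOKEN", "user_id": 2, "force_password_change": false}}'


def build_login_request(email, password, name, base_url=BASE_URL):
    """POST /access_token; urlencode() escapes characters such as + @ & =."""
    query = urllib.parse.urlencode({"email": email, "password": password, "name": name})
    return urllib.request.Request(f"{base_url}/access_token?{query}", method="POST")


def parse_token_response(status, body):
    """Return (token, force_password_change); only a 201 counts as success."""
    if status != 201:
        raise RuntimeError(f"token request failed with HTTP {status}")
    data = json.loads(body)["data"]
    return data["token"], bool(data.get("force_password_change"))


def auth_headers(token):
    """Header that must accompany every request to a protected resource."""
    return {"Authorization": f"Bearer {token}"}


def build_revoke_request(token, base_url=BASE_URL):
    """DELETE /access_token with the bearer header invalidates that token."""
    return urllib.request.Request(
        f"{base_url}/access_token", headers=auth_headers(token), method="DELETE")


def redact(url):
    """Drop the query string before logging a URL: it carries the password."""
    return urllib.parse.urlsplit(url)._replace(query="").geturl()


if __name__ == "__main__":
    login = build_login_request("api.user+ci@example.com", "p@ss&word=1", "ci-runner")
    print(login.get_method(), redact(login.full_url))
    token, must_change = parse_token_response(201, SAMPLE_BODY)  # stand-in for urlopen()
    revoke = build_revoke_request(token)
    print(revoke.get_method(), revoke.full_url, "force_password_change =", must_change)
```

To send a request for real, pass the built Request object to urllib.request.urlopen() and feed its status and body to parse_token_response().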