The ZetaSafe API uses a ZetaSafe authorisation token for authentication. This token expires. Its recommended that, before you use the ZetaSafe API you ensure you have an up-to-date auth token.
This token can be got by POSTing username, password, role_id and client_id.
The token you get back will be available to be used in the x-Auth-token header parameter for subsequent API calls.
Its important the token you request relates to the ZetaSafe Client you wish to prform actions on.
URI
Query Paramaters:
The id parameter is required and should be set as documented
Although roleId and clientId aren’t required, we would advice that these are provided.
If they are not set then they should not be included in the URI
Users with multiple roles, or who have a multi-client role will need to provide a roleId and clientId
id=7e67e260-202c-4bf5-b486-98502508cfe0 must be included in the URI
Development
https://api.zetasafe.net/dev/ext/x-auth/get
Production
https://api.zetasafe.net/ext/x-auth/get
Method
POST
Content Type
application/json
Body
{
"username":###,
"password":###
}
Responses:
200: Success
Get the new token from the x-auth-token header
400: Bad Request - Possible Responses:
the username and password are correct but the user does not have access to the role or client provided.
password has expired
{“PASSWORD_EXPIRED” : “[message]“}
user has no applicable role for the mobile app (only has read-only roles for example)
{“USER_HAS_NO_APPLICABLE_ROLE” : “[message]“}
no access to role
{“NO_ACCESS_TO_ROLE”:“Access denied”}
no access to client
{“NO_ACCESS_TO_CLIENT”:“Access denied”}
internal server error processing the provided roleId / clientId
{“UNEXPECTED_ERROR”:“Access denied”}
401: Unauthorised
The username / password are incorrect
500: Internal Error