Basic authorization
The basic authorization process is to pick, when you develop an application, that is directly communicating with the API, such as an iOS app. In such a case you won’t receive a client secret from softgarden, but a client ID. Accordingly you can not generate tokens. With that client ID and the options explained below, you can handle all endpoints that are not security relevant. That will not work if you have a client ID with assigned secret. In that case you have to use a client access token.
Example
Let’s take the /jobabo endpoint as an example. You can authenticate with a client access token, user access token or with the basic authorization. So, instead of writing:
1 |
curl -i -H "Authorization: Bearer TOKEN" -H "Content-Type: application/json" -X POST "https://api.softgarden.io/api/rest/v2/frontend/jobabo?channel={channelId}&types={types}&email={email}" -d "{searchParams}" |
you now execute the curl command this way, assuming your client ID is 10:
1 |
curl -i -u "10:" -H "Content-Type: application/json" -X POST "https://api.softgarden.io/api/rest/v2/frontend/jobabo?channel={channelId}&types={types}&email={email}" -d "{searchParams}" |
or alternatively:
1 |
curl -i -H "Authorization: Basic MTA=" -H "Content-Type: application/json" -X POST "https://api.softgarden.io/api/rest/v2/frontend/jobabo?channel={channelId}&types={types}&email={email}" -d "{searchParams}" |
The difference between both approaches is that in the first the additional header information is generated automatically, whereat in the second one some handcraft is needed. Because the ‘MTA=’ stands for the ’10:’ from the first exaple, which is base64 encoded here.
In those cases you send a POST request, you can add the clientId information to the POST data:
1 |
curl -i -H "Content-Type: application/json" -X POST "https://api.softgarden.io/api/rest/v2/frontend/jobabo?channel={channelId}&types={types}&email={email}" -d "{searchParams}&client_id=10" |
List of Endpoints
Basic authorization is possible at endpoints as follows.