← Back

Authentication API

API for authentication operations

Version: 0.1.0

Server

  • URL: https://api.kopernik.us/v0
    • Kopernik.us API server

Paths

/auth/authorize/{providerUid}

POST

Authorize token

Validate authentication token and return authentication object

Parameters:

Name In Type Required Description
providerUid path ProviderId Unique identifier of the provider

Request Body:

Content Type: application/json

Schema: PersonalAccessTokenExchange

Responses:

  • 200: Authentication validated

  • 400: Argument validation error

/auth/register/{providerUid}

POST

Register token

Register a new authentication for a provider by adding new cookie to the browser

Parameters:

Name In Type Required Description
providerUid path ProviderId Unique identifier of the provider

Request Body:

Content Type: application/json

Schema: PersonalAccessTokenExchange

Responses:

  • 200: Authentication registered

  • 400: Argument validation error

/auth/exchange/{providerUid}

POST

Exchange OAuth code

Exchange OAuth code for authentication object and register new cookie to the browser

Parameters:

Name In Type Required Description
providerUid path ProviderId Unique identifier of the provider

Request Body:

Content Type: application/json

Schema: OAuthCodeExchange

Responses:

  • 200: Authentication exchanged and cookie registered

  • 400: Argument validation error

/auth/refresh/{providerUid}

POST

Refresh OAuth token

Refresh OAuth access token and return new authentication object and new cookie to the browser

Parameters:

Name In Type Required Description
providerUid path ProviderId Unique identifier of the provider

Responses:

  • 200: OAuth access token refreshed

  • 400: Argument validation error

Schemas

AuthType

Type of the authentication

Type: enum

Values:

  • token
  • oauth

AuthRole

Role of the authentication scope

Type: enum

Values:

  • admin
  • readonly

Auth

Request authentication parameters

Type: object

Properties:

Name Type Required Description
providerUid ProviderId
accountUid string User account identifier issued by the provider; example: 01234567890
type AuthType
token SecretAccessToken
role AuthRole
regionUid string For providers with regional API access (AWS), the region scope identifier

AuthResponse

Response with authentication token to be used in subsequent requests in the Authorization header

Composition: allOf

Type: object

Properties:

Name Type Required Description
signedAuth string Authentication token to be used in the Authorization header; usage: Authorization: Bearer <signedAuth>

OAuthCodeExchange

Request to exchange OAuth code for Authentication object

Type: object

Properties:

Name Type Required Description
code string OAuth code to exchange for Authentication object
role AuthRole
regionUid string For providers with regional API access (AWS), the region scope identifier

PersonalAccessTokenExchange

Request to register a personal access token and get an Authentication object

Type: object

Properties:

Name Type Required Description
accessToken string Personal access token to register
role AuthRole
regionUid string For providers with regional API access (AWS), the region scope identifier

SecretAccessToken

Secret access token for the provider API

Type: object

Properties:

Name Type Required Description
access_token string Token to access the provider API, either API key or OAuth access token
refresh_token string For OAuth, the refresh token to get a new access token
expiresAt number For OAuth, the expiration time of the access token, in seconds since epoch