Authorization for REST API following upgrade?

jameszahary · October 26, 2018, 4:57pm

I’m wondering if anyone has figured out the new Authorization system for REST API following the upgrade of 3-4 weeks ago?

The auth token returned by my code and the one used by the browser accessing the website seem to be the same except that one is

“azp”: “cayenne-ios-app”,

and the other

“azp”: “cayenne-web-app”,

… plus various numbers like jti and session_state.

I have tried to cut and paste the website auth token into my code, but it complains about “No credentials fround for given ‘iss’.” So I think browser is sending some extra data in the Referer Request Header, or worse in the Cookie Request Header.

A work-around might be just to mimic the website in requesting authorization, which uses requests like

https://accounts.mydevices.com/auth/realms/cayenne/login-actions/authenticate?

rather than the old

https://auth.mydevices.com/oauth/token

This high-quality security can be a nuisance!

shramik_salgaonkar · October 29, 2018, 6:32am

Let me check with the team.

Topic		Replies	Views
How to obtain an OAuth token? REST API	6	3900	October 17, 2021
Tutorial Using Postman with Cayenne API REST API	7	4143	March 11, 2021
Cayenne API tutorial for beginners beginners with ai2/thunkable REST API	37	14932	March 10, 2018
REST API errors and examples REST API	0	2071	March 13, 2018
Website update? Community Help With My Project	15	2081	November 5, 2018

Authorization for REST API following upgrade?

Related topics