Instance ID & Authentication Token
Domoscio upon the initialisation of your instance on our servers will provide you with:
- The Instance_id
- The AuthorizationToken
The instance_id represent your client identifier, and the AuthorizationToken is your password, this token must remain secret and used only once. We give them to you at the launch of the project.
We present here the construction of the URL to access the API. You will need to follow this specific structure in order to make requests to the API.
The workflow to authentify is based on Oauth2 protocol. To have access to Domoscio functionalities the user should follow these steps:
The AuthorizationToken should be used inside the Header of the request when calling the API for the first time & when the RefreshToken expires:
Authorization: Bearer < AuthorizationToken >
Inside the response Header, the AccessToken and RefreshToken will be given:
AccessToken: < AccessToken >
RefreshToken: < RefreshToken >
The RefreshToken should now be used in the header of the API request with the AccessToken. Here is an example on how to retrieve the AccessToken & RefreshToken:
You will receive the AccessToken in the response at every request. However, when the RefreshToken is expired, you will receive a 401 error. At this point, it will be necessary to reuse the AuthenticationToken to retrieve a new pair of RefreshToken / AccessToken.