Connect to REST API

Home » DOCOON APIs » REST API » Connect to REST API

Docoon Rest API provides two authentification ways: Basic Authentification or OAuth 2.

Basic authentication

HTTP requests to the REST API are protected with HTTP Basic authentication. The request must specify the key “Authorization”  in the HTTP header. The value of this key is a String such as “Basic {authenticationToken}” where {authenticationToken} is the base64 of the user login and its Password separated by the character “:” (colon).

If your user is 55XXX.restAPITest and your password is 1234567
You must create a string : 55XXX.restAPITest:1234567
Then encode it in base64.: “NTVYWFgucmVzdEFQSVRlc3Q6MTIzNDU2Nw==
You must add this property in your HTTP header :
“Authorization” : “Basic NTVYWFgucmVzdEFQSVRlc3Q6MTIzNDU2Nw==”

curl -H "Authorization: Basic NTVYWFgucmVzdEFQSVRlc3Q6MTIzNDU2Nw==" 
https://api.odyssey-services.fr/api/v1/JobTypes
Basic authentification

Oauth2 authentication

In order to use Oauth2 authentication, you must realize the following two steps :

Step 1, get the Bearer :
The request must specify the key “Authorization” in the HTTP header. The value of this key is a String such as “Basic {authenticationToken}” where {authenticationToken} is the base64 of
the ClientId and the ClientSecret separated by the character “:” (colon).
To get the ClientId and the ClientSecret, please contact our support team.

The request need the following parameters :
“grant_type” : “password”
“scope” : “OMS”
“username” : “msg\{login}”
“password” : “{password}”

This request will return an access_token that will be used by your other requests to our APIs.

Oauth2 step 1
curl --location --request POST 'https://oauth.odyssey-services.fr/connect/token'
--header 'Content-Type: application/x-www-form-urlencoded'
--header 'Authorization: Basic {authenticationToken}'
--data-urlencode 'grant_type=password'
--data-urlencode 'scope=OMS'
--data-urlencode 'username=msg\{login}' 
--data-urlencode 'password={password}'

Step 2, use the Bearer :
The request must specify the key “Authorization” in the HTTP header. The value of this key is a String such as “Bearer {access_token}” where {access_token} is the result of the request in step 1.

Oauth2 step 2
--header 'Authorization: Bearer {access_token}'

If the token is expired, the request will return an error with status 401 and message “Authorization has been denied for this request”.