Versions Compared

Old Version 116

changes.mady.by.user Bruce Hoff

Saved on

compared with

New Version 117

changes.mady.by.user Joseph Wu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Missing password or user ID already exists:

Code Block
HTTP/1.1 400401 Bad RequestUnauthorized

Note:  As a side effect this will send an email to the given address, prompting the user to set their password.

...

If the email address is not in the user database:

Code Block
HTTP/1.1 400404 BadNot RequestFound

Note: The email template is in the auth-util package, in the file resetpasswordEmail.txt. The reset link, along with the smtp SMTP parameters, is in the file authutil.properties.

...

If the email address is not in the user database:

Code Block
HTTP/1.1 400404 BadNot RequestFound

Note: The email template is in the auth-util package, in the file setAPIpasswordEmail.txt. The reset link, along with the smtp SMTP parameters, is in the file authutil.properties.

...

Code Block
HTTP/1.1 204 No Content

Note: Session token or HMAC signature is required in request header.

...

Note: Session token is required in request header.  The returned key is that of the authenticated user authenticated by the session token.

Invalidate Secret Key

Code Block
DELETE https://auth-staging.sagebase.org/auth/v1/secretKey

...

Code Block
HTTP/1.1 204  No Content

Note: Session token token or HMAC signature is required in request header.  The key which is invalidated is that of the authenticated user authenticated by the session token.

Initiate Session (Login)

...

Error Response, if the user authentication details are incorrect:

Code Block
HTTP/1.1 400401 Bad RequestUnauthorized
AuthenticationURL: https://auth-staging.sagebase.org/auth/v1/session
Content-Type: application/json
{"reason":"UnableInvalid username toor authenticate.password"}

 

Error Response, if the Terms of Use are not either accepted explicitly in the request or accepted by the user previously:

...

Error Response, if the session token is invalid:

Code Block
HTTP/1.1 404401 Not FoundUnauthorized
{"reason":"UnableSession token tois validatenot session.valid"}

Terminate Session (Logout)

...

For requests that fail to be authenticated the response will include the headers:

WWW-Authenticate: authenticate Crowd"Digest" your email

and a plain text body:  "The token provided was invalid or expired."

...