...
Authorize a User for a Resource
| Code Block |
|---|
POST https://auth-staging.sagebase.org/auth/v1/resourceAccess/{resourceName}
{"userName":"demouser@sagebase.org", "userData":"some-user-data"}
|
Note: The user executing this request must be a Synapse Administrator.
Successful Response:
| Code Block |
|---|
HTTP/1.1 201 Created
|
Create a Resource-Access Session
| Code Block |
|---|
POST https://auth-staging.sagebase.org/auth/v1/resourceSession/{resourceName}
|
Note: The session is created for the user authenticated in the request.
Successful Response:
| Code Block |
|---|
HTTP/1.1 201 Created
{"resourceAccessToken":"a1b2c3d4e5f6"} |
Validate a Resource-Access Session
| Code Block |
|---|
GET https://auth-staging.sagebase.org/auth/v1/resourceSession/a1b2c3d4e5f6
|
Note: Though the request must be authenticated, the user making the request need not be the same as the user whose session is indicated by the passed token. This allows (for example) a 'service account' to request authentication of tokens owned by real users.
Successful Response:
| Code Block |
|---|
HTTP/1.1 200 OK
{"userName":"demouser@sagebase.org", "userData":"some-user-data"} |
Unsuccessful Response:
| Code Block |
|---|
HTTP/1.1 400 OK
{"reason": "Not authorized."} |