Versions Compared

Version Old Version 8 New Version Current
Changes made by

Robert Graebert

Andrea Hentschke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To protect the confidentiality of api tokens and other parameters such as back-end servers, i.e. instead of passing all parameters individually (Editor URL parameters ), partners can generate a session token for their selected parameters and call the editor with the session token. Usage of the token service will become mandatory eventually and is recommended for all partners.

Generate token endpoint

POST :

...

Requesting a Token

Once you have an access key, you can request a token using the token REST API. A typical request includes these elements:

URL

POST : https://tokens.kudo.graebert.com/generate

HTTP Header:

Pass your api-key x-api-key

...

Content-type:application/json

...


x-api-key:

...

"<Access Key>"

The parameters in the HTTP header are described in this table.

Parameter

Description

x-api-key

The access key ID for which you want to generate a token. its unique for each partner

Request Body

The request body contains all URL parameters as JSON body

...

{

...

"

...

userId"

...

:

...

"

...

userId",

...


"file"

...

:

...

"

...

fileId",

...


"

...

server"

...

:

...

"

...

apiServerURL",
any other supported parameter, see https://graebert.atlassian.net/wiki/spaces/KUDOPARTNER/pages/1180008643/Editor+parameters#General-Parameters
}

Expand
titleExample to open a file from S3:
Code Block
{
    "file": "test.dwg",
    "userId": "123"
}

The file id is the just name of the file in S3. User id should be the real user id in production but can be any arbitrary id for testing.

Response

If successful, the service will return a 200 status code with the token and expiration time.

...

status:

...

200

...

Ok

...


{

...


"token":

...

"bbf18f21-3d0d-4a4c-b650-9c14d4075ce0",

...


"expiration_time":

...

1595917409
}

On error, the service will return a 403 error code with a descriptive error message.

...

status:

...

403

...

Forbidden

...


{
Wrong token
}

Token validation

You can optionally validate a token with the verification end pointendpoint

URL

...

GET:

...

https://tokens.kudo.graebert.com/verify

HTTP Header

Content-type:

...

application/json
x-api-token: token

The parameters in the HTTP header

...

are described in this table.

Parameter

Description

x-api-

...

token

token generated using /generate endpoint

Response

If successful, the service will return a 200 status code with the selected url parameters.

...

all URL parameters which is passed using /generate endpoint

Status:

...

200

...

OK

...


{

...


"auth"

...

:

...

"

...

appId",

...


"

...

userId"

...

:

...

"

...

userId",

...


"

...

file"

...

:

...

"

...

fileId",

...


"server":

...

"

...

apiServerURL",
any other supported parameter, see https://graebert.atlassian.net/wiki/spaces/KUDOPARTNER/pages/1180008643/Editor+parameters#General-Parameters
}

On error, the service will return a 403 error code with a descriptive error message.

...

status:

...

403

...

Forbidden

...


{
Wrong token
}