2. Authentication

The NAO Cloud API supports three types of authentication: API key, JWT and Oauth2. For API requests from frontend applications that run in web browsers, JWT is the recommended authentication method; the API key was the preferred authentication method for API v1 but might be deprecated. For API requests from backend applications that run on servers, the API key is the preferred method.

API key

To act on behalf of a user, you can use their authentication token (API key). The user can retrieve the auth_token from their Profile page on NAO Cloud (to get the auth_token, go to your My Profile page once logged in). This is not the API key used for Mobile SDK integration, which is specific to each mobile application; the auth_token represents an account on NAO Cloud. The auth_token can also be retrieved via the sessions endpoint API using the user's email and password.

You can authenticate with the API by providing the user’s token in the Authorization HTTP header. The API will return a 401 Unauthorized error if the token is missing or invalid.

Example:

curl -X GET --header 'Accept: application/json' --header 'Authorization: API_KEY' 'https://www.nao-cloud.com/api/v2/sites'

JSON Web Token (JWT)

Using JWT authentication is very similar to the API key method and can be done this way:

curl -X GET --header 'Accept: application/json' --header 'Authorization: JWT' 'https://www.nao-cloud.com/api/v2/sites'

A JWT is obtained by making a first API call to the sessions endpoint; this call is authenticated with the API key or the username/password:

In the response you will find a meta key containing the JWT and its expiration date, which you can use to know when to renew the token. The token validity is usually 24 hours.
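One way to act on the expiration date and on the 401 behaviour described above, as an added example that is not NAO Cloud's own code: a small Python wrapper that renews the JWT shortly before it expires and retries once after a 401. The `fetch_jwt` and `send` callables are hypothetical stand-ins for the sessions call and the HTTP client (the page does not show the sessions response format), and the tokens in `demo()` are constructed.

```python
from datetime import datetime, timedelta, timezone

class JwtSession:
    """Caches a JWT; renews it before expiry and once after a 401."""
    def __init__(self, fetch_jwt, send, margin=timedelta(minutes=5), now=None):
        self._fetch_jwt = fetch_jwt  # hypothetical: () -> (token, expires_at)
        self._send = send            # hypothetical: (url, headers) -> (status, body)
        self._margin = margin        # renew this long before the stated expiry
        self._now = now or (lambda: datetime.now(timezone.utc))
        self._token = self._expires_at = None

    def token(self):
        fresh = (self._token is not None
                 and self._now() + self._margin < self._expires_at)
        if not fresh:
            self._token, self._expires_at = self._fetch_jwt()
        return self._token

    def get(self, url):
        for _ in range(2):  # at most one retry, so a bad credential cannot loop
            # Assumption: the token itself is the header value, as in the curl line.
            headers = {"Accept": "application/json", "Authorization": self.token()}
            status, body = self._send(url, headers)
            if status != 401:
                break
            self._token = None  # rejected by the API: discard and fetch a new one
        return status, body

def demo():
    """Constructed scenario: fake clock, fake sessions call, fake transport."""
    clock = [datetime(2024, 1, 1, tzinfo=timezone.utc)]
    issued, seen = [], []
    def fetch_jwt():
        issued.append(f"jwt-{len(issued) + 1}")
        return issued[-1], clock[0] + timedelta(hours=24)
    def send(url, headers):
        seen.append(headers["Authorization"])
        return (401, "") if headers["Authorization"] == "jwt-2" else (200, "[]")
    session = JwtSession(fetch_jwt, send, now=lambda: clock[0])
    url = "https://www.nao-cloud.com/api/v2/sites"
    results = [session.get(url)[0]]       # first call obtains jwt-1
    results.append(session.get(url)[0])   # cached token is reused
    clock[0] += timedelta(hours=23, minutes=58)  # now inside the renewal margin
    results.append(session.get(url)[0])   # renews to jwt-2, 401, retries with jwt-3
    return results, seen

if __name__ == "__main__":
    print(demo())
```

The retry is capped at one so that a revoked API key or wrong password surfaces as a 401 to the caller instead of generating repeated calls to the sessions endpoint.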

Oauth2

NAO Cloud can act as an Oauth2 resource and authorization server (https://tools.ietf.org/html/rfc6749#section-1.1).

The benefit of Oauth2 authentication is two-fold:

  • Users log in once on NAO Cloud, and are automatically logged in to your site
  • Your site gets an access token to authenticate with the NAO Cloud REST API without the user having to explicitly provide it.

Please refer to the Oauth2 guide if you are not familiar with it. You can authenticate with NAO Cloud API by providing the Oauth access token in the Authorization HTTP header with Bearer type.

Example:

curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer ACCESS_TOKEN' 'https://www.nao-cloud.com/api/v2/sites'
