Authenticates a user's credentials to obtain the access token required for all subsequent operations.
Content Type:
application/xml
or
application/json
User credentials.
| XML JSON |
|---|
<Request> <Username>string</Username> <Password>string</Password> </Request> |
{
"Username": "string",
"Password": "string"
}
|
Content Type:
application/xml
or
application/json
Client access token or an error message.
| XML JSON |
|---|
<Response> <Result>string</Result> <!--Client access token--> <Message>string</Message> <!--Error message--> </Response> |
{
"Result": "string", // Client access token
"Message": "string" // Error message
}
|
| Code | Condition |
|---|---|
| 200 OK | Authentication was successful. |
| 400 Bad Request | Missing/incomplete credentials. |
| 401 Unauthorized | Invalid credentials or deactivated user account. |
| 406 Not Acceptable | Content type specified in the Accept header isn't supported. |
| 500 Internal Server Error | An internal error occurred. |
This endpoint supports two methods; GET and POST. The POST method authenticates plain-text credentials and should therefore be limited to secure/trusted connections (e.g. SSL/TLS, VPN or LAN) only.
Authentication grants access to the REST API. A valid access token is required for all subsequent operations.
Access tokens expire after 30 minutes of inactivity, or whenever the ContactsLaw Daemon service is restarted.