GET api/Authenticate

Authenticates a Windows user to obtain the access token required for all subsequent operations.

Request

(empty)

Response

Body

Content Type: application/xml or application/json
Client access token or an error message.

XML JSON
<Response> <Result>string</Result> <!--Client access token--> <Message>string</Message> <!--Error message--> </Response>
{ "Result": "string", // Client access token "Message": "string" // Error message }

XML JSON

<Response>                     
  <Result>string</Result>      <!--Client access token--> 
  <Message>string</Message>    <!--Error message--> 
</Response>

{                         
   "Result": "string",    // Client access token
   "Message": "string"    // Error message
}

Status Codes

Code	Condition
200 OK	Authentication was successful.
401 Unauthorized	Invalid credentials or deactivated user account.
406 Not Acceptable	Content type specified in the Accept header isn't supported.
500 Internal Server Error	An internal error occurred.

Remarks

This endpoint supports two methods; GET and POST. The GET method uses Integrated Windows Authentication and requires the Authorization: Negotiate header to be included in the request. This header is not required by any other operations.

Authentication grants access to the REST API. A valid access token is required for all subsequent operations.

Access tokens expire after 30 minutes of inactivity, or whenever the ContactsLaw Daemon service is restarted.