Authenticate Resource¶
Last updated: August 29, 2022
Note: To change your password, enter your email address into the ARD password form
Authenticate¶
/auth/authenticate
See also Access Token Guide
Endpoints¶
http method | path | description |
---|---|---|
POST | /auth/authenticate | Use ARD credentials to request an access token or refresh a token. |
Headers¶
key | value | description |
---|---|---|
Authorization | Bearer {{token}} | Authentication method for ARD API requests. |
Content-Type | application/json | Applies to POST, PATCH, PUT requests, which require a JSON body. |
Get an access token¶
POST /auth/authenticate
Role required: User or Admin
Request body¶
{
"grant_type": "password",
"username": "user's email address",
"password": "password set by the user"
}
parameter | value | required | description | example |
---|---|---|---|---|
grant_type | password | yes | Set the grant type to "password" for this request. | "grant_type": "password" |
username | email address | yes | The email address associated with your Maxar ARD account. Your initial ARD activation email was sent to this address. | "username": "shea.barnes@myemail.com" |
password | your ARD password | yes | The password you set after activating your ARD user account with a temporary password. | "password": "password set by the user" |
Response¶
Status: 200 OK
{
"access_token": "eyJraWQiOiJFdFdcLzZ2SnAwUEpPN25scGl...",
"token_type": "Bearer",
"expires_in": 43200,
"refresh_token": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R..."
}
field | description | example |
---|---|---|
access_token | This token string allows access to ARD API resources for a duration of 12 hours. | "access_token": "eyJraWQiOiJFdFdcLzZ2SnAwUEpPN25scGl..." |
token_type | The token type will always be the OAuth type "Bearer." | token_type": "Bearer" |
expires_in | A token duration value in seconds. A token is valid for 43200 seconds, or 12 hours. | "expires_in": 43200 |
refresh_token | Token string used to refresh a valid token without requiring ARD credentials to be sent. Refresh tokens expire after 30 days. | "refresh_token": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R..." |
Error response codes¶
If invalid JSON is sent (required fields missing or invalid types for fields), a 400 Bad Request
with a
human-readable error message is returned. If the username/password combination is unrecognized, then a
401 Unauthorized
response is returned. If the system encountered any other error while processing the
request, an 500 Internal Server Error
will be returned.
Refresh your access token¶
POST auth/authenticate
Role required: User or Admin
Request Body¶
This request takes a JSON request body with the following fields (all fields are required):
{
"grant_type": "refresh_token",
"refresh_token": "{refresh token from GetToken response}"
}
Request body parameters¶
parameter | value | required | description | example |
---|---|---|---|---|
grant_type | refresh_token | yes | The grant type for this request is "refresh_token." | "grant_type": "refresh_token" |
refresh_token | refresh token | yes | The refresh token that was supplied in the "Get a token" response. | "refresh_token": "{refresh token from GetToken response}" |
Response¶
Returns the same successful response or error codes as the "Get an access token" request.