Follow

Authentification

To make a request through the API, you must be authenticated.

 

If the request is not authenticated, the API will return a JSON message error:

GET https://sandbox.ilucca-demo.net/api/v3/users
 
 
{
  Status: 401,
  Message: "Your token is invalid or you did not provide any",
StackTrace: " at Lucca.Web.Services.HttpAuthenticationService.HandleUnauthorizedRequest(AuthorizationContext filterContext) in c:\d\sites\ilucca.net\iLucca\Web\Lucca.Web\Services\HttpAuthenticationService.cs:line 278 at Lucca.Web.Context.AuthTokenAuthorize.HandleUnauthorizedRequest(HttpActionContext actionContext) in c:\d\sites\ilucca.net\iLucca\Web\Lucca.Web\Context\AuthTokenAuthorize.cs:line 14 at Lucca.Web.Context.AuthTokenAuthorize.OnAuthorization(HttpActionContext actionContext) in c:\d\sites\ilucca.net\iLucca\Web\Lucca.Web\Context\AuthTokenAuthorize.cs:line 27 at System.Web.Http.Filters.AuthorizationFilterAttribute.OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Web.Http.Filters.AuthorizationFilterAttribute.<ExecuteAuthorizationFilterAsyncCore>d__2.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at System.Web.Http.Controllers.ExceptionFilterResult.<ExecuteAsync>d__0.MoveNext()"
}
 



Authentication with the test account

 

You can use the test account found in the Preambule for you to authenticate yourself, then make requests with the help of your browser (GET) or your HTTP requests tool (Poster, Postman, TamperData, etc.)

 

This authentication is useful for discovering the API and doing some tests.

 

For production use, we recommend authentication with an application counter.

 

Authentication with a permanent application token - access with the application’s rights

 

If your application is registered with Lucca, you can obtain a permanent application token.

 

To obtain a token, send us an email at production@lucca.fr describing your API needs as well as the URL of your Lucca production authority or your demo.

 

Once this token is in your possession, you must include it in all of your communications with the API, using the HTTP Header “Authorization.”

 

However, rather than using a Basic authentication, you can use the keyword “Lucca” which allows us to identify this particular type of access.

 

GET https://sandbox.ilucca-demo.net/api/v3/users
Authorization: Lucca application=eb1b5a84-dc51-417c-bf79-abcfc97b40e2

 

where eb1b5a84-dc51-417c-bf79-abcfc97b40e2 is your application token.

 

The advantage of this last method is that it uses the rights that have been set up as parameters in order to access your application at Lucca. Therefore, they can be superior to the rights of a standard user while being configurable in the same rights management module.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk