Authorization

an authorization token is used to call eyrene from a third party application this is the unique id of the calling application sequencediagram participant 3rd party backend participant 3rd party mobile app participant eyrene mobile app participant eyrene backend 3rd party backend >>eyrene backend 1 token request eyrene backend >>eyrene mobile app 2 update token info eyrene backend >>3rd party backend 3 token transfer 3rd party backend >>3rd party mobile app 4 adding a token 3rd party mobile app >>eyrene mobile app 5 calling a deeplink 3rd party backend — backend services of a third party mobile application 3rd party mobile app — a third party mobile app on the same device eyrene mobile app — eyrene mobile app for android or ios devices eyrene backend — backend services of the eyrene application how it works token request to get a new token via the api, the backend of the third party mobile application makes a post request https //docs eyrene com/ios update token info when a request to issue a token is received, the eyrene backend adds a new token so that the eyrene application can use it token transfer the backend eyrene passes the token to the backend of the third party mobile application adding a token the third party mobile app backend passes the token to the third party mobile app over a secure communication channel additionally, you need to take measures against access to the token, which will be stored in a third party mobile application calling a deep link a third party mobile app uses the new token to call eyrene you can log in to eyrene app with any of the existing tokens, as well as in offline mode in the deeplink api, the token is passed as the deeplinkconst parameters token parameter the token received in the post request https //docs eyrene com/ios can also be used to make requests to the data api or image recognition api get a token note before sending a request for a new token, obtain a master key from the account manager it is only updated manually to get a new token, the backend of the third party application must make a post request the master key must be specified in tin the authorization header with a value of "token" tab examples url https instance name api auth v1 0 get token name request example method post request pathparameters queryparameters headerparameters kind required name authorization type string description string in token xxxxxx format bodydataparameters formdataparameters results languages id koxwsys14ekf8y4cv 1g code r n token 39fbb6e9 fbf9 459a 9e1b 416dbcf51875e r n created at 2020 09 03 07 49 59 300248 00 00 r n expires at 2020 12 02 07 49 59 300248 00 00 r n language 201 customlabel id lnparqlj11mjvxumzcbll code 403 forbidden language 403 customlabel selectedlanguageid koxwsys14ekf8y4cv 1g examples languages id y1 eyu1anmsesu3sewcad code curl i x post nhttps test eyrene com api auth v1 0 get token n h authorization token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b language curl customlabel selectedlanguageid y1 eyu1anmsesu3sewcad description bearer currentnewparameter label header parameter value headerparameters response parameters​ token string the new access token created at string (date time) the date and time the token was created in utc format from now on, the token is considered active expires at string (date time) the date and time the token expires in utc format revoke token to terminate a token before it expires, make a post request to the eyrene backend api the request to endpoint /api/auth/v1 0/revoke token/ must contain the master key in the header and the access token in the token in the body of the request tab examples url https test eyrene api auth v1 0 revoke token name request example method post request pathparameters queryparameters headerparameters kind required name authorization type string description string in token xxxxxx format bodydataparameters kind required name token type string description revocation token formdataparameters results languages id f3eo1kxxhk7x1y2leyo9k code r n success true r n language 200 customlabel id mfagvgnwh50ugkwq7z 3e code r n success false r n language 404 customlabel selectedlanguageid f3eo1kxxhk7x1y2leyo9k examples languages id y1 eyu1anmsesu3sewcad code curl i x post nhttps test eyrene com api auth v1 0 get token n h authorization token 9944b09199c62bcf9418ad846dd0e4bbdfc6ee4b n f token 39fbb6e9 fbf9 459a 9e1b 416dbcf51875e language curl customlabel selectedlanguageid y1 eyu1anmsesu3sewcad description revoke token currentnewparameter label body parameter value bodydataparameters token expiration date the expiration date of the token is explicitly reported in the response to get token https //docs eyrene com/deeplink authorization#mi get a token the backend of a third party mobile application must independently renew the token before the previous one expires to authorize in the eyrene app a third party mobile app can use any valid token note we recommend getting a new token in advance, without waiting for the expiration of the previous one this will allow you to distribute the new token to all installed instances of the third party mobile app before the old token expires