Overview

Most of our APIs require for the user to be authenticated. Login data is submitted to our API via HTTP POST.

When successfully authenticated, the service will respond with an API token that is valid for twenty minutes. This API token should be added to the Authenticate message header in the Avala-Api schema for all subsequent requests to Aimbase APIs that require authentication.

Possible Response Codes

• 200 (OK).This response indicates that the login was successful. The response body will contain the API token value.
• 400 (Bad Request). This response indicates that the data was not sent in the correct format, or had missing information.
• 401 (Incorrect Username/Password). This response indicates that the log in was not successful. The response body will contain an error message.
• 500 (Internal Server Error). An unknown error occurred.

Post Information

HTTP Endpoint

https://{baseurl}/api/Security/Login

Authentication Data Schema

XML Example Post

<?xml version="1.0"?> 
<LoginRequest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> 
    <Username>username</Username> 
    <Password>password</Password> 
</LoginRequest>

JSON Example Post

{ 
    "Username" : "username", 
    "Password" : "password" 
}

XML Example Response

<string xmlns="http://schemas.microsoft.com/2003/10/Serialization/">username:1ea0934d-ef65-4ae2-b513-8ed5d8a64e52</string>

JSON Example Response

"username:1ea0934d-ef65-4ae2-b513-8ed5d8a64e52"

XML Example Failed Response

<?xml version="1.0"?> 
<Error><Message>The Username field is required.</Message></Error>

JSON Example Failed Response

{"Message":"The Username field is required."}

Sample Header Value

Once the API token is retrieved, it can be used to make authenticated API requests. An example API token in the request’s Authenticate header and Avala-Api schema would look like this:

Authenticate: Avala-Api token

NOTE: The token includes “username:”.