- Index - API Documentation
- Parameters - API Parameter Details
- Profiles - Manage user profiles
- Resources - Manage resources
- Rules - Manage the ACRs for resources
- EML - Manage EML documents and associated ACRs
- Groups - Manage groups and group members
- Search - Search for profiles and groups
- Tokens and API keys - Manage tokens and API keys
Validate and refresh PASTA and EDI authentication tokens.
- A refreshed token matches the original token but has a new TTL.
- We consider the EDI token to be 'authoritative', so we refresh the pasta-token even if it has expired, as long as the EDI token has not.
- This method is optimized for high traffic. It works directly with the tokens and does not query the database, LDAP, or the OAuth2 IdPs.
POST: /auth/v1/token/refresh
refreshToken(
pasta_token
edi_token
)
Returns:
200 OK
400 Bad Request
401 Unauthorized
403 Forbidden
Permissions:
Both a valid pasta_token and edi_token are required to call this method.
Example request using cURL and JSON:
curl -X POST https://auth.edirepository.org/auth/v1/token/refresh \
-d '{
"pasta-token": "uid=EDI,o=EDI,dc=edirepository...",
"edi-token": "eyJhbGciOiJFUzI1NiIsInR5cCI6I...",
}'Example JSON 200 OK response:
{
"msg": "PASTA and EDI tokens refreshed successfully",
"pasta-token": "uid=EDI,o=EDI,dc=edirepository...",
"edi-token": "eyJhbGciOiJFUzI1NiIsInR5cCI6I...",
"method": "getTokenByKey"
}Retrieve an authentication token using an API key.
POST: /auth/v1/key
getTokenByKey(
key
)
Returns:
200 OK
400 Bad Request
401 Unauthorized
403 Forbidden
Permissions:
No permissions are required to call this method.
200 OK- The key was valid and a token has been returned.
- Response body:
msg- A message indicating that the token was created successfully.edi-token- The new token.
Example request using cURL and JSON:
curl -X POST https://auth.edirepository.org/auth/v1/key \
-d '{
"key": "R9arQwYMFqdgVVYt7jqcsxfyPyU"
}'Example JSON 200 OK response:
{
"msg": "Token created successfully",
"edi-token": "eyJhbGciOiJFUzI1NiIsInR5cCI6I...",
"method": "getTokenByKey"
}