Authorization
Overview
To call an endpoint, users must provide an API Token or Access Token in the authorization header (except when requesting an access token: POST /auth/local).
The admin header is required for viewing some endpoints and must be present for modifying any endpoint.
Additionally, your access roles determine which endpoints you may view and modify.
Authorization & Admin Headers
Remember to keep these headers in mind when making any API request:
Header | Description | Required | Values |
---|---|---|---|
Authorization | Sends your Access Token to make an API request. How to obtain an Access Token is explained below. | Required | Bearer $ACCESS_TOKEN |
Admin | Grants administrative access to view and modify an endpoint. | Depends on the endpoint | Must be set to true. |
How to Obtain an Access Token
- Any Cotalker user can obtain an Access Token by calling the authentication method POST /auth/local (explained below).
- Additionally, admins can give external users an API Token that enables them to make some requests.
Authentication Method
This method obtains a user's access token. You must include the user's email and password in the body, add the corresponding headers, and then copy the access token from the response.
POST /auth/local
Endpoint URL:
POST https://www.cotalker.com/auth/local
In case you're using a free-trial version of Cotalker:
POST https://demo.cotalker.com/auth/local
Headers
Header | Description | Required | Values |
---|---|---|---|
Content-Type | Sets the body's format. | Required | application/json |
Accept-Charset | Character set of the sent content. | Required | utf-8 |
Request Body
Field | Description | Type | Required | Notes |
---|---|---|---|---|
email | The email of the user whose access token is requested. | string | Required | The email must be registered in Cotalker. |
password | The user's registered password. | string | Required | |
Request Sample
curl --location --request POST 'https://www.cotalker.com/auth/local' \
--header 'Content-Type: application/json' \
--header 'Accept-Charset: utf-8' \
--data-raw '{
"email": "name@company.com",
"password": "thisIsMyPassword!"
}'
Response Sample
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuYXV0aDAuY29tLyIsImF1ZCI6Imh0dHBzOi8vYXBpLmV4YW1wbGUuY29tL2NhbGFuZGFyL3YxLyIsInN1YiI6InVzcl8xMjMiLCJpYXQiOjE0NTg3ODU3OTYsImV4cCI6MTQ1ODg3MjE5Nn0.CA7eaHjIHz5NxeIJoFK9krqaeZrPLwmMmgI_XiQiIkQ"
}
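The login call and the two request headers described above, as an added Python example (not Cotalker's own code). The function names and the environment variables COTALKER_EMAIL and COTALKER_PASSWORD are hypothetical, and reading an `exp` claim assumes the token is a JWT, as the response sample suggests.

```python
import base64
import json
import os
import time
import urllib.request

BASE_URL = "https://www.cotalker.com"  # demo.cotalker.com for free-trial accounts


def login_request(email, password):
    """Build POST /auth/local with the headers and body fields listed above."""
    body = json.dumps({"email": email, "password": password}).encode("utf-8")
    return urllib.request.Request(
        BASE_URL + "/auth/local", data=body, method="POST",
        headers={"Content-Type": "application/json", "Accept-Charset": "utf-8"},
    )


def token_expiry(token):
    """Return the unverified `exp` claim, or None if the token is not a JWT."""
    # Assumption: JWT format. The signature is NOT checked here, so use the
    # value only to schedule re-authentication, never for a trust decision.
    try:
        payload = token.split(".")[1]
        padded = payload + "=" * (-len(payload) % 4)
        return json.loads(base64.urlsafe_b64decode(padded)).get("exp")
    except (IndexError, ValueError, AttributeError):
        return None


def api_request(path, token, admin=False, method="GET"):
    """Build an authorized request; the Admin header is sent only on request."""
    headers = {"Authorization": "Bearer " + token}
    if admin:
        headers["Admin"] = "true"
    return urllib.request.Request(BASE_URL + path, method=method, headers=headers)


def fetch_token():
    """Log in with credentials from the environment, not the command line."""
    # Hypothetical variable names; keeps the password out of shell history.
    req = login_request(os.environ["COTALKER_EMAIL"], os.environ["COTALKER_PASSWORD"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        token = json.load(resp)["token"]
    exp = token_expiry(token)
    if exp is not None and exp <= time.time():
        raise RuntimeError("server returned an already expired token")
    return token
```

Pass `admin=True` only for endpoints that require the Admin header, so routine read requests do not carry administrative access.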