Basic information

  • All API-calls must go over the https-protocol
  • All passwords must be hashed with the SHA-256 algorithm and encoded as a hex-string before sent to the API
  • When calling a method that requires autorization, always implement a logic to handle the Unauthorized-response that will be returned if the users token has expired
  • Use the accept-header to determine which data type to get as response. Either application/json or application/xml
  • When passing an access-token you must use the authorization-header with the schema Bearer e.g. Authorization: Bearer yourAccessTokenHere

API Sections

Request access-token

POST https://api.autoservice.net/v1/oauth/token
This method is used to get an access-token for an app, a user or to refresh an existing token

Headers

Parameter Description Required Validation
Authorization Required if grant_type=password. Should contain the client access-token False ^Bearer [A-F0-9]{40}$

Parameters

Parameter Description Required Validation
grant_type To get a token for either your app or a user True ^password|client_credentials|refresh_token$
client_id GUID. Required if grant_type=client_credentials False ^[A-F0-9]{8}(-[A-F0-9]{4}){3}-[A-F0-9]{12}$
client_secret Hex string. Required if grant_type=client_credentials False ^[A-F0-9]{80}$
username E-mail. Required if grant_type=password False A valid e-mail address
password Hex string. Required if grant_type=password False ^[A-F0-9]{64}$
refresh_token Hex string. Required if grant_type=refresh_token False ^[A-F0-9]{60}$
Example request with Curl
curl \
	-H "Authorization=[value]" \
	-d "grant_type=[value]" \
	-d "client_id=[value]" \
	-d "client_secret=[value]" \
	-d "username=[value]" \
	-d "password=[value]" \
	-d "refresh_token=[value]" \
	https://api.authservice.net/v1/oauth/token

Refer to the parameter-pane for more information about specific parameters

To get XML-response instead of JSON add: -H "accept: application/xml"

Example JSON-response

Example XML-response

 

Nr. Description
400 For grant_type=client_credentials: If client_id or client_secret is wrong
For grant_type=password: If password is incorrect
401 For grant_type=password: If no authorization header was sent or if it is invalid
403 For grant_type=password: If the access-token passed is not a client-token
404 For grant_type=refresh_token: If refresh_token can't be found
For grant_type=password: If username does not exist
405 Http verb not allowed

Logout/unauthrize access-token

GET https://api.autoservice.net/v1/oauth/unauthorize
Calling this method will unauthorize an access-token.

Headers

Parameter Description Required Validation
Authorization Client or user access-token True ^Bearer [A-F0-9]{40}$
Example request with Curl
curl \
	-H "Authorization=[value]" \
	https://api.authservice.net/v1/oauth/unauthorize

Refer to the parameter-pane for more information about specific parameters

Response: bool

Nr. Description
401 Authorization failed, access-token is invalid
405 Http verb not allowed

Register user

POST https://api.autoservice.net/v1/user/register
Register a new user

Headers

Parameter Description Required Validation
Authorization User access-token True ^Bearer [A-F0-9]{40}$

Parameters

Parameter Description Required Validation
name User's name False
email User's e-mail/username True Valid e-mail address
password User's password. Must be SHA-256 hashed and hex encoded before sending True ^[A-F0-9]{64}$
data User's data. Can be anything e.g. a json-string, xml-data, simple string False
Example request with Curl
curl \
	-H "Authorization=[value]" \
	-d "name=[value]" \
	-d "email=[value]" \
	-d "password=[value]" \
	-d "data=[value]" \
	https://api.authservice.net/v1/user/register

Refer to the parameter-pane for more information about specific parameters

To get XML-response instead of JSON add: -H "accept: application/xml"

Example JSON-response

Example XML-response

 

Nr. Description
400 Parameters not valid
401 Authorization failed, access-token is invalid
404 User not found
405 Http verb not allowed
409 User already exists

User information

GET https://api.autoservice.net/v1/user/info
Fetch user information

Headers

Parameter Description Required Validation
Authorization User access-token True ^Bearer [A-F0-9]{40}$
Example request with Curl
curl \
	-H "Authorization=[value]" \
	https://api.authservice.net/v1/user/info

Refer to the parameter-pane for more information about specific parameters

To get XML-response instead of JSON add: -H "accept: application/xml"

Example JSON-response

Example XML-response

 

Nr. Description
401 Authorization failed, access-token is invalid
404 User not found
405 Http verb not allowed

Update user

POST https://api.autoservice.net/v1/user/update
Update the user information. All parameters are optional. If a parameter is omitted the value will not be updated. If parameter exists but contains an empty value this will overwrite the previous value.

Headers

Parameter Description Required Validation
Authorization User access-token True ^Bearer [A-F0-9]{40}$

Parameters

Parameter Description Required Validation
name User's name False
email User's e-mail/username False Valid e-mail address
password User's password. Must be SHA-256 hashed and hex encoded before sending False ^[A-F0-9]{64}$
data User's data. Can be anything e.g. a json-string, xml-data, simple string False
Example request with Curl
curl \
	-H "Authorization=[value]" \
	-d "name=[value]" \
	-d "email=[value]" \
	-d "password=[value]" \
	-d "data=[value]" \
	https://api.authservice.net/v1/user/update

Refer to the parameter-pane for more information about specific parameters

To get XML-response instead of JSON add: -H "accept: application/xml"

Example JSON-response

Example XML-response

 

Nr. Description
400 Parameters not valid
401 Authorization failed, access-token is invalid
404 User not found
405 Http verb not allowed
409 User already exists. Thrown when user tries to change the e-mail to another already registered e-mail

Delete user

DELETE https://api.autoservice.net/v1/user/delete
Delete a user from the system

Headers

Parameter Description Required Validation
Authorization User access-token True ^Bearer [A-F0-9]{40}$
Example request with Curl
curl \
	-H "Authorization=[value]" \
	-X DELETE
	https://api.authservice.net/v1/user/delete

Refer to the parameter-pane for more information about specific parameters

Response: bool

Nr. Description
401 Authorization failed, access-token is invalid
404 User not found
405 Http verb not allowed

Reset password

POST https://api.autoservice.net/v1/user/resetpassword
Reset the password for a user. System will generate a new password and e-mail it to the user

Headers

Parameter Description Required Validation
Authorization User access-token True ^Bearer [A-F0-9]{40}$
Example request with Curl
curl \
	-H "Authorization=[value]" \
	https://api.authservice.net/v1/user/resetpassword

Refer to the parameter-pane for more information about specific parameters

Response: bool

Nr. Description
400 Parameters not valid
401 Authorization failed, access-token is invalid
404 User not found
405 Http verb not allowed