Authentication
Last updated on 13-May-2020 by Jakob Jakobsen Boysen

If you are integrating directly with the Scifeon HTTP API it is recommended to use the PAT authentication method. For implementations with low security requirements, such as scripts and bots, it is also possible to use Basic authentication method.
Scifeon itself uses cookie-based authentication in the browser, so you can call the HTTP API from TypeScript on the page and rely on the authentication that the browser has established.
Personal Access Token (PAT)
This token can either by short-lived or long-lived.
Short-lived
The short-lived token is retrieved by requesting a token using the username and password:
POST https://{host}/api/auth/login
Request:
{
"username": "string",
"password": "string"
}
Response:
{
"accessToken": "string"
}
The accessToken
is valid for 20 minutes and can be used like this:
curl -D- \
-X GET \
-H "Authorization: Bearer accessToken" \
-H "Content-Type: application/json" \
"https://your-domain.scifeon.cloud/api/entity/experiment/EX00001"
Long-lived
The long-lived token is generated in Scifeon here...
Basic authentication
Basic authentication works just as you would expect:
- Build a string of the form
username:password
- Base64 encode the string.
- Supply an Authorization header with content Basic followed by the encoded string. For example, the string fred:fred encodes to ZnJlZDpmcmVk in base64, so you would make the request as follows:
curl -D- \
-X GET \
-H "Authorization: Basic ZnJlZDpmcmVk" \
-H "Content-Type: application/json" \
"https://your-domain.scifeon.cloud/api/entity/experiment/EX00001"