# Authentication Requests made to our APIs must be authenticated, there are two ways to do this: 1. Authenticating using your API apiUsername and apiPassword - `Basic Auth` 2. Authenticating using an Auth Token - `Bearer Token` ## Method 1: Basic Auth Basic Authentication is a method for an HTTP user agent (e.g., a web browser) to provide a apiUsername and apiPassword when making a request. When employing Basic Authentication, users include an encoded string in the Authorization header of each request they make. The string is used by the request’s recipient to verify users’ identity and rights to access a resource. The Authorization header follows this format: > Authorization: Basic base64(apiUsername:apiPassword) So if your apiUsername and apiPassword are `onfon` and `!@pas123`, the combination is `onfon:!@pas123`, and when base64 encoded, this becomes `b25mb246IUBwYXMxMjM=`. So requests made by this user would be sent with the following header: > Authorization: Basic b25mb246IUBwYXMxMjM= | Description | | ---------------------------------------------------------------------------------------------- | | **apiUsername** `String` `Required` Your onfon account apiUsername, retrieved from portal | | **apiPassword** `String` `Required` Your onfon account apiPassword, retrieved from portal | ## Method 2: Bearer Tokens This authentication stategy allows you to authenticate using JSON Web Token ``JWT` that will expire after given duration. Each Access Token is a `JWT`, an encoded JSON object with three parts: the `header`, the `payload`, and the `signature`. The following is an example Access Token generated for Conversations > Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c ### Getting the token To generate the token, make a `POST` request to `/v1/authorization` endpoint with your `apiUsername` and `apiPassword` This request should be made from your server and not on the client side such as browser or mobile environment. You will receive a JSON similar to below: `{ "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", "validDurationSeconds": 3600}` You can use the token received to make API calls. The token will be valid for value of `validDurationSeconds`, before which you should generate a new token. #### Request Body ``` { "apiUsername": "root", "apiPassword": "hakty11" } ``` #### Response Body ``` { "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", "validDurationSeconds": 3600 } ``` #### Example Curl ``` curl --location --request POST 'https://apis.onfonmedia.co.ke/v1/authorization' \ --data-raw '{ "apiUsername": "correctapiUsername", "apiPassword": "correctapiPassword" } ``` #### Making an API call You will be required to pass the token in `Authorization` header prefixed by `Bearer` when calling other endpoints. Example `Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c`

Go to Download

agven/symfony-jwt-auth

0 Favers
964 Downloads

JWT Authentication Bundle for Symfony REST API

Go to Download

silverstripe-australia/salesforce-auth

3 Favers
10 Downloads

Provides authentication using the Salesforce OAuth API

Go to Download

ajshort/silverstripe-salesforce-auth

3 Favers
15 Downloads

Provides authentication using the Salesforce OAuth API

Go to Download

dennisharrison/laravel-auth0

0 Favers
255 Downloads

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

Go to Download

cbeyersdorf/easybill

3 Favers
1 Downloads

The first version of the easybill REST API. [CHANGELOG](https://api.easybill.de/rest/v1/CHANGELOG.md) ## Authentication You can choose between two available methods: `Basic Auth` or `Bearer Token`. In each HTTP request, one of the following HTTP headers is required: ``` # Basic Auth Authorization: Basic base64_encode(':') # Bearer Token Authorization: Bearer ``` ## Limitations ### Request Limit * PLUS: 10 requests per minute * BUSINESS: 60 requests per minute If the limit is exceeded, you will receive the HTTP error: `429 Too Many Requests` ### Result Limit All result lists are limited to 100 by default. This limit can be increased by the query parameter `limit` to a maximum of 1000. ## Query filter Many list resources can be filtered. In `/documents` you can filter e.g. by number with `/documents?number=111028654`. If you want to filter multiple numbers, you can either enter them separated by commas `/documents?number=111028654,222006895` or as an array `/documents?number[]=111028654&number[]=222006895`. **Warning**: The maximum size of an HTTP request line in bytes is 4094. If this limit is exceeded, you will receive the HTTP error: `414 Request-URI Too Large` ### Escape commas in query You can escape commans in query `name=Patrick\, Peter` if you submit the header `X-Easybill-Escape: true` in your request. ## Property login_id This is the login of your admin or employee account. ## Date and Date-Time format Please use the timezone `Europe/Berlin`. * **date** = *Y-m-d* = `2016-12-31` * **date-time** = *Y-m-d H:i:s* = `2016-12-31 03:13:37` Date or datetime can be `null` because the attributes have been added later and the entry is older.

Go to Download

johnshopkins/twitterhook

2 Favers
9804 Downloads

A PHP library to interact with the GET and POST methods of the Twitter API using single user sign-on OAuth authentication. Adapted from @abraham's twitteroauth.

Go to Download