Before getting the API authorization data, make sure you have the CStoreOffice® user created with access to all needed locations. For more information, see Creating an API User.
- Getting the Authorization Token
- Refreshing the Authorization Token
- Authorization API
- Endpoints
- /v1/auth/token
- Parameters
- Request Example
- Response
- Errors - /v1/auth/refresh_token
- Parameters
- Request Example
- Response
- Errors
Getting the Authorization Token
To get the authorization token:
- Go to Authorization API:
https://api-docs.petrosoft.cloud/?service=device_gateway_proxy_service - Use the
/v1/auth/tokenendpoint. - Click Try it out.
- Send the authorization request. Request parameters:
| Parameter | Description |
login
|
The user authentication email entered as a login when creating an API user. |
password
|
The API user password. |
- Receive the
access_tokenvalue. It will be used as the authorization token for the Inventory Item API.
For confidentiality reasons, the token data in the images is blurred intentionally.
Refreshing the Authorization Token
After a certain period of time the authorization token expires and you need to refresh it.
To refresh the authorization token:
- Go to Authorization API:
https://api-docs.petrosoft.cloud/?service=device_gateway_proxy_service - Use the
/v1/auth/refresh_tokenendpoint. - Click Try it out.
- Send the refreshing request. Request parameters:
| Parameter | Description |
refresh_token
|
Refresh token received from Authorization API during previous getting the authorization token or refreshing the authorization token request. |
- Receive the refreshed
access_tokenvalue. It will be used as the authorization token for the Inventory Item API.
For confidentiality reasons, the token data in the images is blurred intentionally.
Authorization API
The Authorization API is used to generate and refresh authorization tokens for the API users. Tokens are required to get authorized with the Petrosoft APIs.
The Authorization API interacts with POST methods. To open the API, go to:
https://api-docs.petrosoft.cloud/?service=device_gateway_proxy_service.
Endpoints
/v1/auth/token
Use it to get the authorization token by the API user credentials.
Parameters
| Parameter | Description |
login
|
The user authentication email entered as a login when creating an API user. |
password
|
The API user password. |
Request example
{
"login": "APIUser@petrosoftinc.com",
"password": "Password_01"
}
Response
Response Code
200
Response Parameters
| Parameter | Description |
access_token
|
Access token to use for authorization during API requests. |
expires_in
|
Access token expiration timeout in minutes. |
refresh_expires_in
|
Refresh token expiration timeout in minutes. |
refresh_token
|
Refresh token used to get new authorization token when previous gets expired. |
token_type
|
Token type identification. |
not-before-policy
|
Unique token ID. |
session_state
|
Session status. |
Response Example
{
"access_token": "eyJhbGciOiJSUzI1Nixxxxxxxxxxxxxxxxxxxxxxxa3NfMG1aQW1wQm9Ea2VyNlRVT3hiMkhBUjkzRXpQYm1NIn0.eyJqdGkiOiI5NzRlMGQzYi0yOGMwLTQ3YWItYmQ4NC1kMWRkNjU3NDdlM2YiLCJleHAiOjE2NTY2NjM4NTUsIm5iZiI6MCwiaWF0IjoxNjU2NTc3NDU1LCJpc3MiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaxxxxxxxxxxxxxxxxxxxxxxxxx3ViIjoiMzZjYjk4ZTYtODRmZS00NzBmLWI0NWUtMjQ3NTYyYTM4NTc0IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoib2lkYyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjIyZGYyOGY1LWNiNDQtNDI5ZS04ZTQxLWZiYjc2MmJjZTE4YyIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiKiIsImNsb3VkLmthcHBhLnBldHJvc29mdGluYy5jb20iLCIqLmNsb3VkLmthcHBhLnBldHJvc29mdC5jbG91ZC8qIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiIsImFjY291bnRJZCI6NDYsImxvY2F0aW9uSWRzIjoiMTUyOSIsIm5hbWUiOiJPbGdhIE1vcmxhbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJvLm1vcmxhbmdAcGV0cm9zb2Z0aW5jLmNvbSIsImdpdmVuX25hbWUiOiJPbGdhIiwiZmFtaWx5X25hbWUiOiJNb3JsYW5nIiwiZW1haWwiOiJvLm1vcmxhbmdAcGV0cm9zb2Z0aW5jLmNvbSJ9.kfaD_p5xG126V5hUZJvPV6PsLWAcA0B8pzWZUYt8omFmsgOkGxB32Wunucjbh4pfmT3M6A28dEjAJxolXp8P0uqPJGZVjhloYAYYqHw5JL78ToWq0gmukfc0eEtekiubvO0H3bqZA3V93IWu3yjwCpGQYAOg1qwYYc9nPgIKT7gW5VWKOvuX0te2I8X38xvJAmHVxeP_gd36S9WgiuKOUvc_YctindcJZpVCuBl--qCJI_Fce6qqJ4zG5OCvyBgeZSOt6WD8OCzGzMA0WNEzatQlKZvC1UzE2zp3SiEVehtATJAkIDBiTrY85y4R-SfOaWnJBzCZLq4qjC4m3q9kAA",
"expires_in": 86400,
"refresh_expires_in": 86400,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwixxxxxxxxxxxxxxxxxxxxxxxtYjI0Zi01NGJkOGVlNWRlYzAifQ.eyJqdGkiOiI5ODQ1YmY3NC01OGM4LTQ5ZGYtYWZmNy0zNzdhY2ZkMzg5MDQiLCJleHAiOjE2NTY2NjM4NTUsIm5iZiI6MCwiaWF0IjoxNjU2NTc3NDU1LCJpc3MiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaxxxxxxxxxxxxxxxxxxx2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJzdWIiOiIzNmNiOThlNi04NGZlLTQ3MGYtYjQ1ZS0yNDc1NjJhMzg1NzQiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoib2lkYyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjIyZGYyOGY1LWNiNDQtNDI5ZS04ZTQxLWZiYjc2MmJjZTE4YyIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiJ9.NRd6Kym3R-exJVDY8ZG2pwrjp0dY48mGKlTdXHyFuJY",
"token_type": "bearer",
"not-before-policy": 1xx0857782,
"session_state": "2xxxxx5-cb44-429e-8e41-fxxxxxe18c",
"scope": ""
} Errors
400: Bad Request
401: Unauthorized
| Parameter | Description |
error
|
Error indicator. |
error_description
|
Details for failure reason. |
{
"error": "invalid_grant",
"error_description": "Invalid user credentials"
} 404: Not Found
500: Internal Server Error
| Parameter | Description |
success
|
API request success status indicator. |
data
|
N/A. |
message
|
Details for failure reason. |
http_code
|
Error code. |
errors
|
N/A. |
total
|
N/A. |
{
"success": false,
"data": [],
"message": "Provider App\\Application\\TokenProvider\\CredentialsTokenProvider can't implement operation due restrictions.",
"http_code": 500,
"errors": [],
"total": null
} /v1/auth/refresh_token
Use it to refresh the authorization token by related token identifier.
Parameters
| Parameter | Description |
refresh_token
|
Refresh token received from Authorization API during previous get token or refresh token request. |
Request example
{
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgxxxxxxxxxxxxxxxxxxxxxxI0NWQ1MC05NzY5LTQ0NWMtYjI0Zi01NGJkOGVlNWRlYzAifQ.eyJqdGkiOiJiY2JmNGZiNC1lZDA5LTRkMWItOWM2ZS1kYjJhMTNhYTBlZmYiLCJleHAiOjE2NTY2NjU4NDcsIm5iZiI6MCwiaWF0IjoxNjU2NTc5NDQ3LCJpc3MiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJhdWQiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJzdWIiOiIzNmNiOThlNi04NGZlLTQ3MGYtYjQ1ZS0yNDc1NjJhMzg1NzQiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoib2lkYyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjQ3OTZkNDhjLTkxZjktNGQwNy1iODRhLTI4MTJhOWU2MzM2NiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiJ9.b16v_64TUVFEsrCOLjtkp9vYYQrGjbdjjMoqWn67Yos"
}
Response
Response Code
200
Response Parameters
| Parameter | Description |
access_token
|
Access token to use for authorization during API requests. |
expires_in
|
Access token expiration timeout in minutes. |
refresh_expires_in
|
Refresh token expiration timeout in minutes. |
refresh_token
|
Refresh token used to get new authorization token when previous gets expired. |
token_type
|
Token type identification. |
not-before-policy
|
Unique token ID. |
session_state
|
Session status. |
Response Example
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx1S1dha3NfMG1aQW1wQm9Ea2VyNlRVT3hiMkhBUjkzRXpQYm1NIn0.eyJqdGkiOiJhMDRkZmY3Yi1jODBkLTQ1MmUtODNjYi04MDM4NDA4Mjg4ODAiLCJleHAiOjE2NTY2NjU4NDcsIm5iZiI6MCwiaWF0IjoxNjU2NTc5NDc0LCJpc3MiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiMzZjYjk4ZTYtODRmZS00NzBmLWI0NWUtMjQ3NTYyYTM4NTc0IiwidHlwIjoiQmVhcmVyIiwiYXpwIjoib2lkYyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjQ3OTZkNDhjLTkxZjktNGQwNy1iODRhLTI4MTJhOWU2MzM2NiIsImFjciI6Ijxxxxxxxd2VkLW9yaWdpbnMiOlsiKiIsImNsb3VkLmthcHBhLnBldHJvc29mdGluYy5jb20iLCIqLmNsb3VkLmthcHBhLnBldHJvc29mdC5jbG91ZC8qIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiIsImFjY291bnRJZCI6NDYsImxvY2F0aW9uSWRzIjoiMTUyOSIsIm5hbWUiOiJPbGdhIE1vcmxhbmciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJvLm1vcmxhbmdAcGV0cm9zb2Z0aW5jLmNvbSIsImdpdmVuX25hbWUiOiJPbGdhIiwiZmFtaWx5X25hbWUiOiJNb3JsYW5nIiwiZW1haWwiOiJvLm1vcmxhbmdAcGV0cm9zb2Z0aW5jLmNvbSJ9.J0JrFaLjVd5eApXUdMTSWu_RsBTRywMTMsteBvocDMUeM3eJfRPoIm60xFrewqhnUDSdzH6eEZT1V9FG8_KVSXFdo1gGovou7KC5m8tOsD3XOOix-XS5BC-Hs5HV2J7fscyoXSzxKCxHwBtlVUJAAN17lGdimJQX87JRe1yDgck2qBtmfdmo-IhYU4xaOU53tq8Vbb6OG1xwJJyjrBXEdLljuH6YJPLf6qjzowh5B5hdm0GqPbh_foLIxt3jIUM_1_8qx4HrCK57eciXHeyzHjMbO_YLxXMeJFDgAdcNPP0qgLKFvK6143LZYSCchnjsKhmZWiEJB6rA24qb1uSRKg",
"expires_in": 86373,
"refresh_expires_in": 86373,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSlxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNWMtYjI0Zi01NGJkOGVlNWRlYzAifQ.eyJqdGkiOiJlYTM3MGNmMC1lMTM0LTQxZjgtOTQzNy1mYjU3MjlhYjRlOGQiLCJleHAiOjE2NTY2NjU4NDcsIm5iZiI6MCwiaWF0IjoxNjU2NTc5NDc0LCJpc3MiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJhdWQiOiJodHRwczovL2tjLnBldHJvc29mdC5jbG91ZC9hdXRoL3JlYWxtcy9jaWQiLCJzdWIiOiIzNmNiOThlNi04NGZlLTQ3MGYtYjQ1ZS0yNDc1NjJhMzg1NzQiLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoib2lkYyIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjQ3OTZkNDhjLTkxZjktNGQwNy1iODRxxxxxxxhOWU2MzM2NiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiJ9.15JVSyJTDV0yvry7ik4qXupXDbO82cEB8U0z3eMN6EY",
"token_type": "bearer",
"not-before-policy": 1xxxx57782,
"session_state": "4xxxx48c-91f9-4d07-b84a-2xxxxxe63366",
"scope": ""
} Errors
500: Internal Server Error
| Parameter | Description |
success
|
API request success status indicator. |
data
|
N/A. |
message
|
Details for failure reason. |
http_code
|
Error code. |
errors
|
N/A. |
total
|
N/A. |
{
"success": false,
"data": [],
"message": "JWT missing parts. Total number of parts: 2 Token: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAc2Vzc2lvbl9zdGF0ZSI6IjQ3OTZkNDhjLTkxZjktNGQwNy1iODRhLTI4MTJhOWU2MzM2NiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsImFkbWluIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6IiJ9.b16v_64TUVFEsrCOLjtkp9vYYQrGjbdjjMoqWn67Yos",
"http_code": 500,
"errors": [],
"total": null
} 
