Token Authentication

Token authentication works by first executing a login with the user’s email address and password. The response will include an X-Zerista-Auth-Token header that you will include with subsequent requests. Each token expires 1 hour after its generation. After the token expires, you will need to execute another login with the user’s email address and password.

Login Request

POST https://{conference}.zerista.com/login/api

Parameters

Parameter        Details
user[email]      User’s email address
user[password]   User’s password

Response

A successful response will include the user object in the format you requested.

HTTP Status Code     Description
200 – OK             Success.
401 – Unauthorized   Invalid login credentials.
403 – Forbidden      Access denied. Account is disabled or locked.

Subsequent Requests

For subsequent requests, include the X-Zerista-Auth-Token header with the value of the header from the login response. Do not sign the request.

Token Expiration

Every token expires 1 hour after generation. If a subsequent request returns a 401 – Unauthorized response, check for an X-Zerista-Auth-Token-Expired header. If this header is present, the token has expired and you must execute a new login request to obtain a new token. You may also execute a login request for a new token before the current token expires.

Logout Request

Executing the following request, without any parameters (but including the token header), will delete the token from the database, effectively logging out the user.

DELETE https://{conference}.zerista.com/login/api
