Progress will discontinue Telerik Platform on May 10th, 2018. Learn more

Authenticating Users

Authenticating Users

If you don't want a user to use your Telerik Platform app anonymously, you must first authenticate them. This is done by specifying the username and the password for the user. Once you are authenticated successfully, the server will issue an access token. You can then use this token to impersonate each subsequent request to Telerik Platform.

In order to do this, add the following header to these requests:

{"Authorization" : "Bearer your-access-token-here"}

Access tokens are temporary, they expire. After a token has expired, you must reauthenticate the user to get a new access token. There are also other cases when a token becomes invalid:

  • When the user changes their password
  • When the user logs out
  • When the user account is deleted

Login

After the user is authenticated, the server will return an object with a Result key that holds an object with the following keys:

  • access_token
  • token_type
  • principal_id

You can use the access_token value to authenticate subsequent requests on behalf of the current user as described in the introduction of this chapter.

The login request does not return any specific information about the user except its Id in the principal_id field. You can easily retrieve the user's account information by using the special "me" request. You can read more about that in the next section.

Here is a sample login request:

var user = {
    "username": "jsmith",
    "password": "111111",
    "grant_type": "password"
};

$.ajax({
    type: "POST",
    url: 'https://api.everlive.com/v1/your-app-id/oauth/token',
    contentType: "application/json",
    data: JSON.stringify(user),
    success: function (data) {
        alert(JSON.stringify(data));
    },
    error: function (error) {
        alert(JSON.stringify(error));
    }
});

Note the spelling of "username" and "password" which are all lowercase. It differs from the spelling in the Register operation, where the fields are spelled "Username" and "Password".

Authenticating a user ensures that the Owner, Created by, and Modified by data item attributes are populated when the user consequently manipulates data.

Logout

Here is a sample logout request:

$.ajax({
    type: "GET",
    url: 'https://api.everlive.com/v1/your-app-id/oauth/logout',
    headers: {"Authorization" : "Bearer your-access-token-here"},
    success: function (data) {
        alert(JSON.stringify(data));
    },
    error: function (error) {
        alert(JSON.stringify(error));
    }
});

If the logout request ends successfully the access token will be invalidated and the server will return a "Result" with null value.

Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.