Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

The Voice of O365 has an API to make changes to your account. The API gives access to various parts of our portal and backend systems.

Access

The API uses a JWT token to update data. By sending a request to the token service with a username/password a JWT token is returned to update the system.

Example request to get a token from your API:


POST /user_token
{"auth": {"email": "foo@bar.com", "password": "secret"}}



Example response from the API:

201 Created
{"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9"}

To make an authenticated request to your API, you need to pass the token via the request header:

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9
GET /my_resources

Knock responds with a 404 Not Found when the user cannot be found or the password is invalid. This is a security best practice to avoid giving away information about the existence or not of a particular user.

NB: HTTPS should always be enabled when sending a password or token in your request.

  • No labels