Obtaining an auth token when using the API
- James Goodwin
To call the API you need to authenticate to it. In order to authenticate you must first obtain and use an authentication token. The method by which you obtain the authentication token differs depending on the API version you wish to use. Below you can find information specific to v4.4 and below, and v5.0 and above. Please refer to the version that is applicable to you.
v5.0 and above
This section includes information on how to obtain a valid authentication token when using the v5.0 and above of the Fuse API.
To call Fuse API endpoints you need to be authenticated. This is done by sending your authentication token in a header called Auth-Token with every API request. From v5.0 onwards, we’ve introduced rotating authentication tokens, which means that each authentication token expires and renews at regular intervals.
Note: If you are using an older version of Fuse’s API (v4.4 and below) please expand the v4.4 and below section and refer to the information there.
Getting a token
To obtain your authentication token, you must use the following API request:
POST /session
Request
URL: https://<instance_name>.fuseuniversal.com/api/v5.0/session
Method: POST
Request parameters
When using this request, you must include the following mandatory parameters in the request body:
login_name: This is your username or email address used to log in to your Fuse instance, assigned to you when your account was created (e.g. joe.bloggs or joe.bloggs@email.com).
password: This is your password used to log in to your Fuse instance.
Example response
{
"success": true,
"role": "admin",
"administerable_community_ids": [
9,
10,
11
],
"admin_group_permissions": [
"compliance_reporting"
],
"auth_tokens": {
"jwt_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJIb3RmaXgiLCJleHAiOjE3MzIxNDcxOTksImlhdCI6MTcyOTUwNTc3NiwiYXVkIjpudWxsLCJqdGkiOiIyOTQ5OS4xOTI4NTYifQ.qz_fLuuTvyUTveheP8bwLwnDBgw_KpjZTdMEUf2WSnY",
"user_authentication_token": {
"authentication_token": "RVt-k4zQJRyMBx3L",
"updated_at": 1728784853
}
}
}The path to the authentication token is .auth_tokens.user_authentication_token.authentication_token. In the example above the authentication token is RVt-k4zQJRyMBx3L.
For more information about the /session endpoint, please reference the API documentation section in the Admin Panel of your instance:
Using the token
For API v5 the authentication token must be presented in an Auth-Token request header along with the request. Below is an example of this:
curl -H 'Auth-Token: RVt-k4zQJRyMBx3L' https://<instance>.fuseuniversal.com/api/v5.0/users/meIf the token is no longer valid then you will receive a 401 response such as in the example below:
{
"success": false,
"errors": {
"base": "Unauthorized 401"
}
}In this case you will need to try getting the latest token using the POST /session endpoint as stated above.
v4.4 and below
This section includes information on how to obtain a valid authentication token when using the v4.4 and below of the Fuse API.
Note: If you are using v5.0 and above of Fuse’s API please expand the v5.0 and above section and refer to the information there.
Authentication token
Authentication tokens can be obtained in the Admin panel of a Fuse instance or from an API client, such as Postman or cURL.
Generating an auth token in Postman
Follow these steps:
Select your workspace.
Create a request
Set the HTTP method to
POST.Enter the Fuse instance URL:
https://<instance_name>.fuseuniversal.com/api/v4.4/tokenSelect Body tab.
Select form-data sub-tab.
Set a couple of key-value pairs:
First KEY:
login_name; VALUE: <your_login_name>Second KEY:
password; VALUE: <your_password>
Press the Enter key or click on the Send button.
Expected Status Code: 201 Created
Make a note of the
auth_tokenvalue from the response body to use for requests in later Manage Users Endpoint Examples.
Use the following screenshot as a reference in the previous steps:
Generating an auth token in cURL
To generate an auth_token in cURL, run the following command: