Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 62 Next »

To call Fuse API endpoints you need to be authenticated. This is done by sending your authentication token in a header called Auth-Token with every API request. From v5.0 onwards, we’ve introduced rotating authentication tokens, which means that each authentication token expires and renews at regular intervals.

Note: If you are using an older version of Fuse’s API (v4.4 and below) you can use the authentication method mentioned above or you can choose to use the deprecated authentication method.

Getting a token

To obtain your authentication token, you must use the following API request:

POST /session

Request

URL: https://<instance_name>.fuseuniversal.com/api/v5.0/session

Method: POST

Request parameters

When using this request, you must include the following mandatory parameters in the request body:

  • login_name: This is your username or email address used to log in to your Fuse instance, assigned to you when your account was created (e.g. joe.bloggs or joe.bloggs@email.com).

  • password: This is your password used to log in to your Fuse instance.

Example response

{
  "success": true,
  "role": "admin",
  "administerable_community_ids": [
    9,
    10,
    11
  ],
  "admin_group_permissions": [
    "compliance_reporting"
  ],
  "auth_tokens": {
    "jwt_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJIb3RmaXgiLCJleHAiOjE3MzIxNDcxOTksImlhdCI6MTcyOTUwNTc3NiwiYXVkIjpudWxsLCJqdGkiOiIyOTQ5OS4xOTI4NTYifQ.qz_fLuuTvyUTveheP8bwLwnDBgw_KpjZTdMEUf2WSnY",
    "user_authentication_token": {
      "authentication_token": "RVt-k4zQJRyMBx3L",
      "updated_at": 1728784853
    }
  }
}

The path to the authentication token is .auth_tokens.user_authentication_token.authentication_token. In the example above the authentication token is RVt-k4zQJRyMBx3L.

For more information about the /session endpoint, please reference the API documentation section in the Admin Panel of your instance:

Screenshot 2024-10-21 at 11.07.23.png

Using the token

For API v5 the authentication token must be presented in an Auth-Token request header along with the request. Below is an example of this:

curl -H 'Auth-Token: RVt-k4zQJRyMBx3L' https://<instance>.fuseuniversal.com/api/v5.0/users/me

If the token is no longer valid then you will receive a 401 response such as in the example below:

{ 
"success": false,
 "errors": { 
 "base": "Unauthorized 401" 
  } 
 }

In this case you will need to try getting the latest token using the POST /session endpoint as stated above.

  • No labels