Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Authenticating from JavaScript has to be a little bit different, because the normal authentication mechanism would expose the AppSecret in a purely client-based application, which would be a serious security breach.

First of all, any domain that needs to access the API using JavaScript must be registered in dialogportal™. Contact the Account Manager in charge of your solution at Express for assistance with this.

For a JavaScript application to be allowed to make calls to the API, it must send an API authentication token as a URL argument with every request. This token can only be created using the dialogportal™ JavaScript authentication SDK.

Step 1 - Include the SDK

Include the dialogportal™ JavaScript authentication SDK. Adding the following line to the HEAD section of your HTML page does this:

<script>document.writeln('<script src="https://api.dialogportal.com/v1/authentication/auth.js?s=' + Math.random().toString(36).substr(2,16) + '"><\/script>');</script>

Step 2 - Request a token

Requesting a token is done with the JavaScript function dp.api.auth.getTokenAsync(). It takes three arguments: AppID, event handler in case of success and finally the event handler in case of error. The following sample shows how to do it (Replace APP_KEY):

function authenticate() {
	dp.api.auth.getTokenAsync(APP_KEY,authSuccess,error);
}

function authSuccess(token) {
	_token = token;
	alert("Success!" + _token);
}

function error(status, textStatus, errorThrown) {
	alert(status + ", " + textStatus + ", " + errorThrown);
}

Step 3 - Use the token

After successfully having retrieved the access token, you should add the access token as an argument to all API requests. The following sample shows how to authenticate a user and then output the details returned from the API:

function authenticateUser() {
	$.ajax({
		type: "POST",
		contentType: "application/json; charset=UTF-­‐8",
		dataType: "json",
		data: "{ 'authType': 'native', 'loginID': 'you@know.Me', 'password': 'password' }",
		url: "https://api.dialogportal.com/v1/user/authenticate ?apiauthtoken=" + _token,
		processData: false,
		success: authenticateUserSuccess, 
		error: error
	});
}
 
function authenticateUserSuccess(data) {
	var s = "";
	for (var i in data)
		s += i + ": " + data[i] + "\n";
	alert(s);
}

Please note, that the API authentication token is only valid for one hour since the last request. In case it expires, the request will fail with HTTP error 401 (Bad signature). This error can be identified in the error handler using the status object. Simply request a new authentication token as described in step 2, but bear in mind that the included auth.js (step 1) is only valid for 24 hours. After 24 hours, you will have to request a new version of auth.js.

  • No labels