API Authentication
Signify’s API uses Bearer Token authentication.
- Send credentials (username, password, clientId) to:
End point: https://{domain}/api/identity/v1/CreateUserAccessToken-
Run the cURL command (replace the values as needed):
curl --request POST \ --url https://live.signifyhr.co.za/api/identity/v1/CreateUserAccessToken \ --header 'Content-Type: application/json' \ --cookie .AspNetCore.Antiforgery.3CuCAIFqZrU=YOUR_ANTIFORGERY_COOKIE \ --data '{"username":"YOUR_USERNAME","password":"YOUR_PASSWORD","clientId":"YOUR_CLIENT_ID","skipRulesetActiveCheck":false}' - The values for YOUR_USERNAME, YOUR_PASSWORD must be generated for a valid user in the system and provided by your system administrator. These roles linked to the user will apply to any API call made with the access token generated for this user, whose credentials were used
-
-
- The value YOUR_CLIENT_ID can be retrieved on the ruleset by going to
- Ruleset Management | System Access| Additional Service Section | Copy the GUID
- The value YOUR_CLIENT_ID can be retrieved on the ruleset by going to
- The call to CreateUserAccessToken returns a JSON response with an accessToken field in the Bearer eyJhbGciOi... format e.g.
{
"clientId": "",
"accessToken": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}- This token is valid for 24 hours and must be included in the Authorisation header of all subsequent API requests.
- Common HTTP response codes from CreateUserAccessToken
| Status Code | Meaning |
|---|---|
| 200 | Success |
| 400 | Bad request (invalid payload) |
| 401 | Unauthorised (invalid/expired token) |
USAGE EXAMPLE
See the PowerShell example below to generate a token and use it in a subsequent API call
- Generate an access token
- {username} - Signify supplied username
- {password} - Signify supplied password
- {clientId} - a unique GUID identifying the ruleset you are logging into
- {apiendpoint} - the endpoint where the system is installed, e.g. https://uat.signifyhr.co.za/api
- Example calling ListUsersExport
- accessToken is the bearer token and contains "Bearer {token}"
# generate access token
$headers = @{
"Content-Type" = "application/json"
}
$body = @{
username = "{username}"
password = "{password}"
clientId = "{clientId}"
} | ConvertTo-Json
$tokenResponse = Invoke-RestMethod `
-Uri "{apiendpoint}/identity/v1/CreateUserAccessToken" `
-Method POST `
-Headers $headers `
-Body $body
# Example usage calling ListUsersExport
$headers = @{
Authorization = "$($tokenResponse.accessToken)"
"Content-Type" = "application/json"
}
$body = @{
usernames = @()
} | ConvertTo-Json -Depth 3
$response = Invoke-RestMethod `
-Uri "{apiendpoint}/jobprofilerapi/v1/ListUsersExport" `
-Method POST `
-Headers $headers `
-Body $body
$users = $response.users | ConvertTo-Json -Depth 10Alternatively, do an API call to with the generated Bearer Token, e.g. (curl example shown below)
curl --request POST \
--url https://live.signifyhr.co.za/api/jobprofilerapi/v1/ListUsersExport \
--header 'Authorization: Bearer eyJhbGciOiJSU0EtT0FFUCIsImVuYy' \
--header 'Content-Type: application/json' \
--cookie .AspNetCore.Antiforgery.3CuCAIFqZrU=CfDJ8Hi8OnAP6ORHszWOQew53ZOflprtx-Z7uZWkSEuz9GCof6HofABpqxhDQ44OMf0jhUtql92Qi52mQ5RMyz2B1WWnfCh_UT3sqdirlIE7tVAWNrCMktPKz-45rJPgrDPGB08daEeRo8ZarHwr4nLT_wI \
--data '{"usernames":[]}'