Authentication

Getting credentials for authenticating requests to Verilocation

Authentication with the Verilocation V1 API suite is achieved via a token request for a Bearer token to a POST endpoint that accepts a body of Key/Value string pairs

Key

Value

GRANT_TYPE

password

USERNAME

'your_username'

PASSWORD

'your_password'

Returns a Bearer token as authentication for further requests

POST https://api.verilocation.com/token

Request Body

Name

Type

Description

GRANT_TYPE*

String

password

USERNAME*

String

your_username

PASSWORD*

String

your_password

{
    "access_token": "This_will_be_the_the_authorisation_token",
    "token_type": "bearer",
    "expires_in": 14400,
    "refresh_token": "This_is_a_guid",
    ".issued": "2023-01-24T17:35:00.3122436Z",
    ".expires": "2023-01-24T21:35:00.3123345Z"
}

A Username and Password needs to be created by the account administrators of an account. Any User's credentials can be used to request a Token, although we recommend creating a separate 'ApiUser' which has Administrator rights to the account, therefore allowing access to all data linked to the account. Please Remember to keep the User credentials secure as they will allow access to all account data.

Once returned, the bearer token should be added to the headers for future requests in the format:

"Authorization": "Bearer your_Token_Here"

Authentication code examples

using Newtonsoft.Json;
using System.Net.Http.Headers;

namespace AddsecureAuthDemo;

class Program
{
    static async Task Main(string[] args)
    {
        using var client = new HttpClient();

        // Create POST body 
        MultipartFormDataContent body = new MultipartFormDataContent();
        body.Add(new StringContent("password"), "GRANT_TYPE");
        body.Add(new StringContent("your_username"), "USERNAME"); // Change StringContent string to your Username
        body.Add(new StringContent("your_password"), "PASSWORD");// Change StringContent string to your Password

        // make the POST request
        var result = await client.PostAsync("https://api.verilocation.com/token", body);
        var resultContentJson = await result.Content.ReadAsStringAsync();

        // Deserialise to local object
        var authObject = JsonConvert.DeserializeObject<AddsecureTokenReturn>(resultContentJson);

        // Will output the returned Bearer token
        Console.WriteLine(authObject?.Token);
    }
}

internal class AddsecureTokenReturn
{
    [JsonProperty("access_token")]
    public string? Token { get; set; }

    [JsonProperty("token_type")]
    public string? Type { get; set; }

    [JsonProperty("expires_in")]
    public int ExpiresIn { get; set; }

    [JsonProperty("refresh_token")]
    public string? RefreshToken { get; set; }
}

To better understand Authenticating with Verilocation, the above can be copy/pasted into a Visual Studio Console App to run the example or found as a github project here

In the Parent Collection, set

Authorization => 'Type' = Bearer Token
Authorization => 'Token = {{LoginToken}}

Add the below script to Pre-request Script editor panel

const postRequest = {
    url: "https://api.verilocation.com/token",
    method: 'POST',
    body: {
            'mode': 'formdata',
            'formdata': [
                {'key':'grant_type', 'value':'password'},
                {'key':'username', 'value':'your_username_here'},
                {'key':'password', 'value':'your_password_here'}
            ]
    }
};
 
pm.sendRequest(postRequest, (err, response) => {
   pm.globals.set('LoginToken', response.json().access_token) 
});

This will set the global variable and allow child requests to use the central collection authentication.

All child folders and requests in subsequent collections, require authentication set to 'Inherit auth from parent' as below.

PreviousData Structuring NextGET requests

Last updated 2 years ago