Secure Access Token to PMIS Web Service

1. Request the Token

URL: http://[DOMAIN HERE]/Main/Token.action

Method: POST/GET

Request Parameters:

Must contain the string sso
Must contain the string authorization_code grant type.
How long the token should be valid in seconds (default to 5 minutes)

Sample Request Body:


To receive authorization, the client sends the userid and password, separated by a single colon (:) character, within a base64 encoded string in the credentials.

The request must be sent using the following header field:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

..note QWxhZGRpbjpvcGVuIHNlc2FtZQ== -> userid:password encoded in base64

The response will be a json like the sample below:


2. Access Secured Pages or Services

After received the token is possible to access a page or service with two methods:

  1. Sending the request with the following header field:
Authorization: Token ZGlzY28xMjM0OltCQDFiNDVkODE=
  1. Sending the following parameter with the request:
The Access Token received before.

If the token is not valid or expired you will receive the error code 401:

HTTP Status 401 - Authentication Failed: Token not valid.