Authentication

CloudIO REST API supports authentication using username and password, or with a key and secret, or with OAuth 2.0, an open protocol that allows secure API authorization.

JSON

Both the request and response payloads are in JavaScript Object Notation (JSON) format with UTF-8 encoding. Date-time information is in ISO 8601 format. For example, 2012-08-30T02:56:20.000-0700

Understanding authentication

CloudIO uses the OAuth protocol to allow the users of the application to securely access data without having to reveal their username and password credentials. For a simple integration, CloudIO supports username and password, or a key and secret option. Before making REST API calls, the client application must authenticate the application user using one of these methods. After successfully authenticating the client application user with CloudIO, the client receives a sessionId token which are used to make authenticated REST API calls.

To generate a token and secret key, sign into the CloudIO Platform and navigate to /api/keys though the browser.

The sessionId attribute in the response is stored by the client application and is passed in all the subsequent authenticated REST API calls. The sessionId expires if the client application is inactive for the number of minutes exceeding those specified in the sessionTimeout attribute. You can set the sessionTimeout for the REST client user using default session timeout CoudIO profile at the user level.

Note: The client application will have access to the datasources that are assigned to the roles accessible to the connected user.

Checking the validity of an existing session

The sessionId passed in every REST API request must be valid and active. You can use validateSession API to validate a given sessionId before making the actual REST API request.

Last updated