Authentication

All APIs take an token param in the Authorization header. These key are associated with a user and allow permission to the user to request the API.

Signature Request

Send a POST request to https://dsc-ocr.udata.id/api/user/login, by providing these arguments as application/json with request payload:

{
    "username": "YOUR_USERNAME",
    "password": "YOUR_PASSWORD"
}

you will get a response similar to this:

{
    "result": {
        "token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJsOG5Ma2ZtX2VYMDcydlhrMlhYMm91cFVEUmQwY2dmRzR3anltMjR2NjV3In0.eyJleHAiOjE2MjU4MDY5MjMsImlhdCI6MTYyNTgwNjYyMywianRpIjoiZmY0MDAxNWEtOGFiZC00ZWZlLWI4ZTItNWI0NGZmYWI0MGIxIiwiaXNzIjoiaHR0cDovL2tleWNsb2FrOjgwODAvYXV0aC9yZWFsbXMvb2NyIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImYwNWI4ZDkyLTBlNTMtNDU1MS1hZGJhLTBjYjU4NGQ4MTAwMiIsInR5cCI6IkJlYXJlciIsImF6cCI6ImFkbWluIiwic2Vzc2lvbl9zdGF0ZSI6IjMyN2JhYWZhLTRkZDgtNDkyZi05MDU4LWE4NjRiZDRhNzJhNiIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9kc2Mtb2NyLnVkYXRhLmlkIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJuYW1lIjoiYWJkYW5tdWxpYSBhYmRhbm11bGlhIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiNzBjYjYxNWItYzdjZS00NmIxLWE5OWEtNjU2ZjliNDI4MWZkIiwiZ2l2ZW5fbmFtZSI6ImFiZGFubXVsaWEiLCJmYW1pbHlfbmFtZSI6ImFiZGFubXVsaWEiLCJlbWFpbCI6ImFiZGFubXVsaWFAZ21haWwuY29tIn0.IqdfUoVEXmecy-JHNi5sRBp4WpXYZv-lJMCxTVzfUvAsoZG0By8Q2ovLfDOm4YiXGbfGZM8aRTgb6rdY9vkz4FimWz3IA6aKfgr2OvjwALZfpexfrVSMhXF9QgmOm9o2vanWYqAfO36jccbuD54eg3bjMhwQhioxRlNO9sj4S6t88Qvy7H9MHgCBBfK-d1uaHLKxIQ6Woi-rCpizROvUMpgQbrm_7lSakUGcWUa3rLDf6wE-DYOMrnB4CpC8PU60uj4Qwo3sAitUNG_IQrYKcDXIJUIMc77pxaZB2g-nZikOCAxf6Jt3LH6TI39dbxQr_7HQ2CN5AGQBHHR_n7rfOA",
        "expires_in": 300,
        "refresh_expires_in": 1800,
        "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4MDE0ZmEzZS03MWFlLTRhYjMtOGVlYy04MGU4ZmVjNjZiZjUifQ.eyJleHAiOjE2MjU4MDg0MjMsImlhdCI6MTYyNTgwNjYyMywianRpIjoiNGNjOTVhMmUtNGExMy00M2ZmLWJkZmQtNmQ4MjNhMjg3NjA2IiwiaXNzIjoiaHR0cDovL2tleWNsb2FrOjgwODAvYXV0aC9yZWFsbXMvb2NyIiwiYXVkIjoiaHR0cDovL2tleWNsb2FrOjgwODAvYXV0aC9yZWFsbXMvb2NyIiwic3ViIjoiZjA1YjhkOTItMGU1My00NTUxLWFkYmEtMGNiNTg0ZDgxMDAyIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImFkbWluIiwic2Vzc2lvbl9zdGF0ZSI6IjMyN2JhYWZhLTRkZDgtNDkyZi05MDU4LWE4NjRiZDRhNzJhNiIsInNjb3BlIjoiZW1haWwgcHJvZmlsZSJ9.akiGJ0JgC512CjPKiP4hGlHdgDHE7-VzIDPCBzGDRRY"
    },
    "success": true
}

For security reason expires in 300 seconds, but you can get a new token without username or password just sent refresh_token to Refresh Token API

Construct Authorization Key

After you get the signature response contains token, you can start to construct your authorization key with this format:

Authorization=Bearer {YOUR_TOKEN}

Modify Authorizationfrom signature response

Configure Environment

You need to pass your authentication as a header each time you make an API request. Below are variables that you need to setup as a header before making a request:

Key

Value

Content-type

application/json

Authorization

Your authorization key.

PreviousArchitectureNextError Code

Last updated