This repository has been archived by the owner on Feb 12, 2022. It is now read-only.

Authentication

textractor edited this page May 2, 2018 · 4 revisions

Argus uses token-based authentication, which supports a stateless model. Tokens carry the state information (e.g., the user principal) and are sent with every request. A request can therefore be routed to any server in the Argus backend pool and be serviced without retrieving state information from elsewhere.

How do I use Token-Based Auth?

  1. Use the new endpoint to log in and authenticate yourself. This generates a pair of tokens (accessToken, refreshToken) for you. Example:
RequestType: POST

RequestURL: http://localhost:8080/argusws/v2/auth/login

Request Headers: 
Content-Type: application/json

Request Body:
{
   "username": "myUsername",
   "password": "iAmAFancy24DigitPassword"
}

Response:
{ 
   "accessToken": "iAmAnExampleAccessToken",
   "refreshToken": "iAmEnExampleRefreshToken"
}

The accessToken is valid for 1 hour. The refreshToken is valid for 30 days. If you store these tokens, do so securely. If another party gains access to them, that party can authenticate on your behalf, since tokens aren't stored server-side and there is no way to revoke access.

  2. With each subsequent request, send the accessToken using the Authorization header. Example:

RequestType: GET

RequestURL: http://localhost:8080/argusws/dashboards/

Request Headers: 
Content-Type: application/json
Authorization: Bearer iAmAnExampleAccessToken

Response:
{
   "id": 100010,
   "createdById": 100001,
   "createdDate": 1473971201852,
   "modifiedById": 100001,
   "modifiedDate": 1474463574596,
   "name": "dashboard name",
   "content": "dashboard content",
   "ownerName": "bhinav.sura",
   "shared": false,
   "description": "Dashboard description"
}

If the accessToken has expired, you will receive a 401 Unauthorized. Use the refreshToken to obtain a new accessToken as follows:

RequestType: POST

RequestURL: http://localhost:8080/argusws/v2/auth/token/refresh

Request Headers: 
Content-Type: application/json

Request Body:
{
   "refreshToken": "iAmEnExampleRefreshToken"
}

Response:
{
   "accessToken": "iAmANewAccessToken",
   "refreshToken": "iAmEnExampleRefreshToken"
}

You can then use the new accessToken for each of your subsequent requests. Every 30 days, the refreshToken itself expires. In that case, go back to step 1, i.e., log in again by providing your username and password.
