Authentication

Each request to the SAYMON API requires you to be authenticated. SAYMON provides three authentication schemes, each of them is described below.

Session Authentication

In this scheme, you first request a server to create a session ID based on your login credentials. After the server creates such an ID, it sends it back to you. Then, you have to provide this session ID in the subsequent requests in the Cookie header. Each time the server compares this ID with the initially generated and, in case the IDs match, produces a successful response.

To create a new session ID, use the Create Session ID method. When the ID is no longer required, you should delete it using the Delete Session ID method.

Basic Access Authentication

This scheme requires you to provide your login and password in the Authorization header for every request. The examples below show how to apply the scheme for the Get Current User method:

Bash
JavaScript
NodeJS
Python
Bash
login=<...>
password=<...>
saymon_hostname=<...>
url=https://$saymon_hostname/node/api/users/current
curl -X GET $url -u $login:$password
JavaScript
let login = <...>
let password = <...>
let saymonHostname = <...>
let path = "/node/api/users/current";
let auth = "Basic " + btoa(login + ":" + password);
let headers = new Headers();
headers.append("Authorization", auth);
let requestOptions = {
method: "GET",
headers: headers
};
fetch(saymonHostname + path, requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log("error", error));
NodeJS
const http = require("http");
let login = <...>
let password = <...>
let saymonHostname = <...>
let path = "/node/api/users/current";
let auth = "Basic " + Buffer.from(login + ":" + password).toString("base64");
let options = {
"method": "GET",
"hostname": saymonHostname,
"path": path,
"headers": {
"Authorization": auth
},
};
let req = http.request(options, function (res) {
let chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function (chunk) {
let body = Buffer.concat(chunks);
console.log(body.toString());
});
res.on("error", function (error) {
console.error(error);
});
});
req.end();
Python
import requests
login = <...>
password = <...>
saymon_hostname = <...>
url = "https://" + saymon_hostname + "/node/api/users/current"
response = requests.request("GET", url, auth=(login, password))
print(response.text)

A successful response looks like this:

{
"id": "your_id",
"login": "your_login",
"authenticationToken": "your_auth_token",
...
}

Token Authentication

In this scheme, you first request a server to create an authentication token based on your login credentials. After the server creates such a token, it sends it back to you. Then, you have to provide this token in the subsequent requests as a query parameter. Each time the server compares this token with the initially generated and, in case the tokens match, produces a successful response.

To create a new token, use the Create Authentication Token method. Note that after the new token is created, a previously generated one becomes invalid. When the token is no longer required, you can delete it using the Delete Authentication Token method.

Using the Token Authentication scheme, you may provide access to your SAYMON API to third party users by sharing your API token with them.