Token authentication
In order to call any Connhex API with your account credentials, you'll first need to authenticate to Connhex. You can do so by using the Connhex Auth APIs to obtain a token.
Create a login flow
First, create a login flow and retrieve the login flow URI:
$ curl -s -X GET -H "Accept: application/json" "https://accounts.<domain>/auth/self-service/login/api" | jq -r '.ui.action'
https://accounts.<domain>/auth/self-service/login?flow=<login-flow-id>
Submit the login flow
The next step consists of submitting the login flow obtained with the previous call using your username and password.
$ curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" -d '{"identifier": "<username>", "password": "<password>", "method": "password"}' "https://accounts.<domain>/auth/self-service/login?flow=<login-flow-id>" | jq -r '.session_token'
This will return your connhex-token:
ory_st_0123456789abcdefg
Test on Connhex APIs
Once you have a connhex-token, you can call Connhex APIs passing it as Bearer authorization token:
$ curl -s -X GET -H "Accept: application/json" -H "Authorization: Bearer <connhex-token>" https://accounts.<domain>/auth/sessions/whoami | jq -r '.identity.traits.email'
<your-email>
What's next?
By default, newly registered users are assigned basic permissions and don't have access to the majority of Connhex APIs. To grant access to specific APIs, you'll need to assign permissions to your user1.
- Or any group of users.↩