Authenticate & Authorize

You must be an authenticated user to use the InstantSearch-API or Monitor-API.

To authenticate:

  1. Create an API Key inside the app under Profile->Account->API Keys.
    1. This API Key is a credential for logging in as the user that created the API Key. For that reason, it is recommended that a Client Admin create a specific “machine user” account and create the API Key as that machine user.
  2. Authenticate using the Identity-API with your API-KEY.
    1. POST to /identity/auth and use the api key Content-Type Header (application/vnd.providertrust-apikey-v1.0+json) and PT-JSON Accept Header (application/vnd.providertrust-v1.0+json)
   "apikey": "{{your api key here}}"
  1. After authentication, you will receive a JWT token.
   "token": "{{insert token}}",
   "message": "Authentication Successful"
  1. You must use the associated JWT token in the authorization header on all subsequent API requests ("Authorization": "Bearer {{token}}").
  2. The JWT token is valid for 12 hours.

API Reference: Identity-API