Landax API uses OAuth standard for authentication. To authenticate, you need four parameters, that is application key, client key, username and password.
Application key and client key
There are used to identify which API client that is used. It is natural to have one client per integration, so if you are integrating to EG MainManager, make a client called EG MainManager.
Clients are created in the control panel, under "API".
When creating a client and saving, it will automatically get an application key and a client key.
Username and password
To get content from the system, you need a user with access to data. This is created the same way as other users in Landax. The user should be set as "API-user". API-users cannot log into the system via web interface or app, just via API, and it won't count towards total users in your license. The user must have all permissions it needs to do what the integration should do.
The authentication process
All queries to the API requires an authentication token that is sent as HTTP header Authorization: Bearer TOKEN . This token is retrieved by querying URL /authenticate/token. This does not reside under /api.
POST /authenticate/token?grant_type=password HTTP/1.1
Host: company.landax.no
Content-Type: application/json
Content-Length: ###
{
"client_id": "application key",
"client_secret": "client key",
"username": "username",
"password": "password"
}
will lead to the following response.
HTTP/1.1 200 OK
Content-Type: application/json
..headers..
{ "access_token": "string", "expires_in": 123, "token_type": "string", "scope": "api", "refresh_token": "string" }
The access_token is the token used for authentication in the API. The username, password and the keys is not to be used for later requests.
Renew token
The expires_in property says how long it is until access_token expires. When expiration is nearing, use refresh_token to get new access_token.
POST /authenticate/token?grant_type=refresh_token HTTP/1.1
Host: company.landax.no
Content-Type: application/json
Content-Length: ###
{
"client_id": "application key",
"client_secret": "client key",
"refresh_token": "refresh_token"
}
Basic authentication
It is possible to jump over this authentication process and use Basic authentication via HTTP header Authorization: Basic TOKEN where TOKEN is base64 of "username:password". Landax needs to enable this on their end, and it will only be enabled for special cases like PowerBI or Excel.