Versions Compared

Old Version 60

changes.mady.by.user Hans Fredrik Unelsrød

Saved on

compared with

New Version 61

changes.mady.by.user Hans Fredrik Unelsrød

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Status
colourGreen
titlev1.1
 

...

The API key will be accessible only once and if a user loses or forgets their API key, any administrator for your organization will be able to revoke that user's access and generate a new code for them.


Info

Important note!

Users whose API key will be used to make API calls must have "extended access" privileges.

We strongly recommend to create dedicated Integration user on your Inspera Assessment system, with only "extended access" and "user administrator" privileges, and use API authorization code from this user

Generating API keys can only be done by users that have both User Admin and Extended Access roles.

Calls made with a given API key will follow the same privileges as the linked user account has. The same goes for webhook notifications. We strongly recommend creating dedicated Integration users on your Inspera Assessment tenant, and use API keys from these users for integration API calls. This is to make the integration independent of personal user -independentaccounts. 


Where is API key in Inspera Assessment user interface?

...

curl -d "" -H "code:<your user API authorization code>" "https://<your inspera domain>/api/authenticate/token/ ?grant_type=authorization_code&client_id=<your client_id>"


All the APIs assume a base url in the following format:

https://<your inspera domain>/api 

In this table you will find key values for API authentication:


Value

URL

/api/authenticate/token/

Method

POST

URL Parameters:

*required


grant_type*

authorization_code

code*

(string)

client_id*

(string), please see above for more details on how to obtain this information)

Data Parameters:

(required for POST)


Content-Type

application/x-www-form-urlencoded

Responses:


200

Success

Returns: 

{
    "access_token": string,
    "expires_in": integer
}

400

Error: Bad request

Returns:

{

    "error": [OAuth2Exception]

}

401

Error: Unauthorized

Returns:

{

    "error": "invalid_grant"

}

409

Error: Conflict

Returns:

{

    "error": "Multiple tokens for user",

    "description": "Please contact inspera support"

}

500

Error: Internal server error

Returns:

{

    "error": "Internal error authenticating user",

    "description": "Please contact inspera support"

}

501

Error: not implemented

...

Sample scenario using command line tools to authenticate and get test results

...

Required data used in this sample

Field

Value

User authorization code (from Inspera user administration)

123456-7890-abcd-efgh

Inspera domain

demo.inspera.no

client_id

demo


Step 1: authenticate and obtain access token

...