Skip to main content

Authenticate with the Nooxl REST API

Every Nooxl REST API call must be authorized with an access token. You obtain the token from the authenticate endpoint using an API login.

API login

Authentication can use a Microsoft / Office 365 account or the Nooxl identity manager. For API use, an API login (login + password) is created in the identity manager by a system user and granted the needed rights in the Nooxl App. The examples here use that login.

warning

The API user must sign in to Nooxl Apps directly at least once before using the API.

note

The language/culture set for the API login affects number formatting (for example in model calculate). We recommend English.

Request

POST https://{nooxlApiHostName}/api/v1/app/login/authenticate

The API host depends on the installation — for the Nooxl demo it is https://ncs-demo.nooxl.com, giving https://ncs-demo.nooxl.com/api/v1/app/login/authenticate.

The body carries Login and Password:

authenticate - request body
{
"Login": "API-Tester",
"Password": "ivtP@t>UN>KF9"
}

Response

On success the response contains a Token; only that value is needed:

authenticate - response body
{
"AuthKey": "_vT...",
"TimeZoneOffset": -1,
"Token": "eyJhb.....CQ"
}

Send the token on subsequent calls in an Authorization header as a bearer token: Authorization: Bearer eyJhb.....CQ. The token expires after a server-defined period and must then be renewed.