Authentication
OKAPI:Astrolabe uses Auth0 as its identity provider. All registered user data resides in a secure database. The OKAPI services use the OAuth 2.0 password grant type, which issues an access token based on your credentials. The application then uses this token to authenticate you, which gives you access to OKAPI:Astrolabe. (During sign-up for OKAPI:Astrolabe you have to take note of our privacy policy, which includes a statement on Auth0.)
To get an access token, send a POST request to Auth0. With cURL, this looks as follows:
curl -X POST -H "Content-type: application/json" -d "@login-request-body.json" https://okapi-development.eu.auth0.com/oauth/token
Where login-request-body.json contains the following information:
{
  "grant_type": "password",
  "username": "<your email>",
  "password": "<your password>",
  "audience": "https://api.okapiorbits.space/picard",
  "scope": "openid profile email offline_access",
  "client_id": "jrk0ZTrTuApxUstXcXdu9r71IX5IeKD3"
}
The access token you receive in the response must be included in an Authorization header with every request, together with your organization ID. Every request therefore needs the following headers:
Authorization: Bearer <your access token>
X-Organization-Id: <your organization ID>
For example:
curl -H "Authorization: Bearer eyJh..." -H "X-Organization-Id: 65..." https://api-astrolabe.okapiorbits.com/cases
Note that the access token expires after 24 hours.
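The same flow as a small Python client, given here as an added example that is not OKAPI's own code: it builds the login body in memory instead of in a password file, records when the token was obtained, and refuses to send a token that is past its lifetime. The function names, the 60-second safety margin and the `access_token` / `expires_in` response fields (standard OAuth 2.0 token response) are assumptions.

```python
import json
import time
import urllib.request

# Endpoints, audience, scope and client_id are the values shown on this page.
TOKEN_URL = "https://okapi-development.eu.auth0.com/oauth/token"
CASES_URL = "https://api-astrolabe.okapiorbits.com/cases"
CLIENT_ID = "jrk0ZTrTuApxUstXcXdu9r71IX5IeKD3"
AUDIENCE = "https://api.okapiorbits.space/picard"
SCOPE = "openid profile email offline_access"

def build_token_request(username, password):
    """Build the login POST in memory, so no password file is left on disk."""
    body = {"grant_type": "password", "username": username, "password": password,
            "audience": AUDIENCE, "scope": SCOPE, "client_id": CLIENT_ID}
    return urllib.request.Request(
        TOKEN_URL, data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"}, method="POST")

def fetch_token(username, password, opener=urllib.request.urlopen):
    """Request a token and record when it was obtained (assumed response fields:
    access_token and expires_in, as in a standard OAuth 2.0 token response)."""
    obtained_at = time.time()
    with opener(build_token_request(username, password), timeout=30) as resp:
        token = json.load(resp)
    token["obtained_at"] = obtained_at
    return token

def token_is_usable(token, now=None, skew=60):
    """True while the token is more than `skew` seconds away from expiry."""
    now = time.time() if now is None else now
    return now < token["obtained_at"] + token["expires_in"] - skew

def api_headers(token, organization_id):
    """The two headers every OKAPI:Astrolabe request must carry."""
    return {"Authorization": "Bearer " + token["access_token"],
            "X-Organization-Id": organization_id}

def get_cases(token, organization_id, opener=urllib.request.urlopen):
    """Call the /cases endpoint, refusing to send a token that has expired."""
    if not token_is_usable(token):
        raise RuntimeError("access token expired; request a new one")
    req = urllib.request.Request(CASES_URL, headers=api_headers(token, organization_id))
    with opener(req, timeout=30) as resp:
        return json.load(resp)

if __name__ == "__main__":
    import getpass  # prompt for the password instead of storing it in a file
    tok = fetch_token(input("Email: "), getpass.getpass("Password: "))
    print(get_cases(tok, input("Organization ID: ")))
```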