api:authorization

Authorization

To get started, you must do the following:

  1. Create a new bot in Pyrus. Bots are technical accounts that can't use the web or mobile applications. You can find detailed instructions for creating bots in this article.
  2. Log in to the bot's profile and copy the API access key — security_key. If the user does not have one yet, press the button Get new security key.
  3. Perform the authorization request auth. It returns access_token, which must be specified in each subsequent request.

You can use your account for all your testing and development needs. Just create an API access key in your profile.

GET /auth

https://api.pyrus.com/v4/auth
    ?login=bill.smith@somedomain.edu
    &security_key=czSHwEAthJKMshQ*****
Show response

{
    "access_token": "gAAAAA15vmSeoj*****"
}

Parameters

login Bot's login
security_key Security Key, obtained on step 2

Using the token

The obtained token must be specified in the HTTP Authorization header for each API request:

Authorization: Bearer gAAAAA15vmSeoj*******

The token lifetime is limited, so your application must be able to reauthorize if the token has been revoked.

Revoking tokens

Access tokens can be revoked in the following cases:

  • The token has expired.
  • The maximum number of tokens per user has been exceeded. If the limit is reached, creating a new token automatically invalidates the oldest token.
  • The user has changed security_key in his profile. In this case, all tokens issued with the obsolete security key will be revoked.
  • The user has changed his password.
  • The user's account has been blocked.

Was this article helpful?

Yes, thanks! No, I have a question