🔑 Authentication and access¶
The ricloud API deals with two types of token:
- A ricloud authentication token is used to enable access to allow ricloud services. This takes a format like
mOXINBsbDr7sWjRfxXwxtVfgjUreBG8yevdTFGAOjDMHuCWLDJvFr5uFpzYkQuoE. Each client uses one or more ricloud tokens to connect to the APIs, as each is associated with a set of permissions.
- Service authentication tokens. These are tokens from the underlying cloud services which the API is working with. For instance, the iCloud has its own tokens.
Obtaining a ricloud token¶
Authentication to ricloud is performed using a token provided by Reincubate, which can be obtained by contacting firstname.lastname@example.org.
Authenticating with a ricloud token¶
In order to communicate with the API, clients must have a valid token.
Each client token is configured either for retrieval of content from aschannel or asstore. If the token is configured for one endpoint, it will not be possible to retrieve data from the other.
Successful requests will return an
HTTP 200 response:
$ curl \ -X GET \ -H 'Authorization: Token <TOKEN>' \ https://asapi.reincubate.com/account/ -D -
HTTP/1.0 200 OK Content-Type: application/json ...
If an invalid token is supplied – or if it is missing – the client will receive an
HTTP 401 response.
HTTP/1.0 401 Unauthorized Content-Type: application/json ...
Service authentication tokens¶
Some services have their own type of authentication tokens. That way, an account session can be reused or rehydrated, without the need to log-in again. One example of this is the
Clients using the asmaster service are not exposed to service authentication tokens, as asmaster handles this for them. Clients using asapi are able to access tokens where the underlying service supports them. Invariably it is considered better to use these tokens where they exist instead of end-user credentials.
|ricloud||Indefinite||Can be rotated by accounts team.|
||~months||Also known as