New authorization way

Gurtam team has created more secure way of authorization similar to oAuth. Old authorization way (core/login) was valid till 01 Oct 2015. All clients who implemented own login forms or demo-access links should change them to meet new authorization way.

For now two forms exist: extended and simplified.

Extended form

Form is generally useful for mobile and other apps.

http://{host}/login.html
http://{host}/login.html?client_id=...&access_type=...&activation_time=...&duration=...&lang=...&flags=...&user=...&redirect_uri=...&response_type=...&css_url=...

All parameters are optional

Name Description On default
client_id app/site/client name for whom to generate token site name (title)
access_type token flags 0x100
activation_time token activation time
(UTC time in seconds: 0 - now)
0
duration token duration (in seconds)
MAX_DURATION = 8640000 - 100 days
0 - infinite token
2592000
(30 days
in seconds)
lang language (en, ru, …);
flags flags: 0x1 - return user name in response 0
user user name
(will be in login field)
redirect_uri URL to redirect and forward authorization results login.html itself
response_type response will be contain token (token) or AuthHash (hash) token
css_url URL to CSS-file with specified styles for login_simple.html

After successful authorization redirect to redirect_uri occurs and next GET-parameters transferred:

  • access_token — 72-symbol token which ma ybe used for authorization in future;
  • user_name — authorized user name (if 0x1 flag was stated before token generation).

In case of authorization error redirect occurs to the login form itself, specified error is shown and next GET-parameters transferred:

  • svc_error — error code;
  • client_id;
  • access_type;
  • activation_time;
  • duration;
  • flags.

After getting 72-symbol token you may use it in your authorization apps:

svc=token/login&params={"token":"<access_token>","operateAs":"<optional_sub_user>"}

:!: Attention! The number of tokens per user is limited by one thousand.

Simplified form

Form is made for simple embedding into sites via iframe to further quick jump to one or more monitoring sites after authorization On default link to monitoring site will be created. Also you may add links to other sites (using cms_url, lite_url, mobile_url, demo_url).

http://{host}/login_simple.html
http://{host}/login_simple.html?lang=...&cms_url=...&cms_title=...&lite_url=...&mobile_url=...&demo_title=...&demo_url=...&title=...&css_url=...

All parameters are optional

Name Description
lang language (en, ru, …)
cms_url URL to CMS Manager site (for example http://cms.wialon.com);
if stated – will be added to quick jump sites list
cms_title link title for CMS Manager
lite_url URL to Wialon Hosting Lite site (for example http://lite.wialon.com)
lite_title link title for Wialon Hosting Lite
mobile_url URL to Wialon Mobile site (for example http://m.wialon.com)
mobile_title link title for Wialon Mobile
title link title for Monitoring site
demo_url URL for demo-access (for example http://hosting.wialon.com/?token=<token>)
demo_title link title for demo-access
css_url URL to CSS-file with specified styles for login_simple.html
Follow us on Facebook Gurtam Wialon Twitter Gurtam Wialon info@gurtam.com   |   Copyright © 2002-2024 Gurtam