Token authentication
You can also use the Connhex CLI to perform common actions across Connhex services.
In order to call any Connhex API with your account credentials, you'll first need to authenticate to Connhex. You can do so by using the Connhex Auth APIs to obtain a token: the following sections provide a brief introduction using cURL and jq to demonstrate how this can be done. If you're looking for more detailed documentation on authentication flows, see here
Create a login flow
First, create a login flow and retrieve the login flow URI:
$ curl -s -X GET -H "Accept: application/json" "https://accounts.<domain>/auth/self-service/login/api" | jq -r '.ui.action'
https://accounts.<domain>/auth/self-service/login?flow=<login-flow-id>
Submit the login flow
The next step consists of submitting the login flow obtained with the previous call using your username and password.
$ curl -s -X POST -H "Accept: application/json" -H "Content-Type: application/json" -d '{"identifier": "<username>", "password": "<password>", "method": "password"}' "https://accounts.<domain>/auth/self-service/login?flow=<login-flow-id>" | jq -r '.session_token'
This will return your connhex-token:
ory_st_0123456789abcdefg
Test on Connhex APIs
Once you have a connhex-token, you can call Connhex APIs passing it as Bearer authorization token:
$ curl -s -X GET -H "Accept: application/json" -H "Authorization: Bearer <connhex-token>" https://accounts.<domain>/auth/sessions/whoami | jq -r '.identity.traits.email'
<your-email>
What's next?
By default, newly registered users are assigned basic permissions and don't have access to the majority of Connhex APIs. To grant access to specific APIs, you'll need to assign permissions to your user1.
- Or any group of users.↩