Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Before you begin:

  • The base URL is https://api.armor.com.
  • This endpoint requires TLS 1.2+.
  • The API uses standard OAuth authentication.
  • If you account requires multi-factor authentication (MFA), you should configure your HTTP client to have a timeout that allows sufficient time to enter the MFA response.


To access the API, you must first authenticate. 

  1. Enter the login information for the Armor Management Portal (AMP). Review the following example.  

    POST /auth/authorize
     
    {
      "username": "user@domain.com",
      "password": "password123%^&"
    }
  2. If the authentication is successful, you will receive the authorization code (code). Review the following example. 

    {
     "redirect_uri": null,
     "code": "<<base64-hash>>”,
     "success": true
    }
  3. Redeem the authorization code (code) to retrieve the access token. Review the following example.   

    POST /auth/token
     
    {
      "code":"<<base64-hash>>",
      "grant_type":"authorization_code"
    }
  4. If the request is successful, you will receive the access token (access_token). You must redeem this token within two minutes of the previous request. Review the following example. 

    {
     "access_token": "<<32-bit-uuid>>",
     "id_token": "<<base64-hash>>",
     "expires_in": 1800,
     "token_type": "Bearer"
    }
  5. Enter the access token (access_token) to complete the authentication process. Review the following example. 

    Authorization: FH-AUTH <<access_token>> 
  6. (Optional) The access token expires every 30 minutes. If you want to extend the session, then you can request a new access token before the current access token expires. In this example, you do not need to authenticate again with the new access token. Review the following example. 

    POST /auth/token/reissue  
    
    {   
    	"token": "<<32-bit-uuid>>" 
    }  
  7. (Optional) If the request is successful, you will receive the previous access token without the ID token. Review the following example. 

    {  
     "access_token": "<<32-bit-uuid>>",  
     "id_token": null,  
     "expires_in": 1800,  
     "token_type": "Bearer" 
    } 
  8. (Optional) If you have multiple accounts in AMP, you may want to specify the account to configure. Enter the integer for the account ID. Review the following example. 

    X-Account-Context: <<int>>

    To retrieve your account ID:

    1. Access the Armor Management Portal (AMP).

    2. On the left-side navigation, click Account

    3. In the Overview screen, copy the number in Account Number

    4. In the command line, for X-Account-Context, enter the Account Number.