Skip to main content

Enboarder API Docs: Authentication & Overview

Adam Faludi avatar
Written by Adam Faludi
Updated over 3 months ago

Authentication & Overview

API Key and OAuth 2.0 tokens

Get your API key or OAuth 2.0 tokens from 'Settings' / 'Integration' / 'Our Extensions'

Supported Data format:

JSON

Date format supported

YYYY-MM-DD (example 2020-06-09)

Security

All Requests must be submitted as Https only.

Cipher supported

TLS_AES_256_GCM_SHA384

TLS_CHACHA20_POLY1305_SHA256

TLS_AES_128_GCM_SHA256

ECDHE-RSA-AES128-GCM-SHA256

ECDHE-ECDSA-AES128-GCM-SHA256

ECDHE-RSA-AES256-GCM-SHA384

ECDHE-ECDSA-AES256-GCM-SHA384

DHE-RSA-AES128-GCM-SHA256

ECDHE-RSA-AES128-SHA256

DHE-RSA-AES128-SHA256

ECDHE-RSA-AES256-SHA384

DHE-RSA-AES256-SHA384

ECDHE-RSA-AES256-SHA256

DHE-RSA-AES256-SHA256

Authentication

All API Requests will require authentication either by API key or by OAuth2.0.

  • Authentication via API key

All API Requests will require API Key to be passed in header as apikey. Optionally, Rest API can be turned off/on at Account level by going to Company Account from 'Settings' / 'Integration' / 'Our Extensions'

Sample Header:

1 apikey:3376266343930346134343a344a4a57383930312d39

2 Content-Type:application/json

Base URL:

AU ๐Ÿ‡ฆ๐Ÿ‡บ : https://api.syd.e1.enboarder.com

EU ๐Ÿ‡ช๐Ÿ‡บ : https://api.fra.e1.enboarder.com

US ๐Ÿ‡บ๐Ÿ‡ธ : https://api.ore.e1.enboarder.com

CA ๐Ÿ‡จ๐Ÿ‡ฆ : https://api.can.e1.enboarder.com

  • Authentication via OAuth2

The Rest APIs also support OAuth2 tokens. To enable this in the account, an admin needs to enable it from 'Settings' / 'Integration' / 'Our Extensions'.

Please click on the Activate OAuth2 button to generate Client and secret for OAuth2 App client. Optionally the user can enable / disable OAuth2 setting from this page.

Please note down the clientID and Secret. These are required to get the OAuth token.

OAuth2 token Enbdpoints

AU ๐Ÿ‡ฆ๐Ÿ‡บ : https://auth.syd.e1.enboarder.com/oauth2/token

EU ๐Ÿ‡ช๐Ÿ‡บ : https://auth.fra.e1.enboarder.com/oauth2/token

US ๐Ÿ‡บ๐Ÿ‡ธ : https://auth.ore.e1.enboarder.com/oauth2/token

OAuth2 token flow

In Enboarder we support Client credential flow. This is a very simple flow and suitable for system-to-system authentication. Here are the steps:

  • High level Flow

  • The Integration Developer asks for OAuth2 credentials such as Client ID, Client Secret and token URL. Admin user gets this info from our extension page.

  • Add the below scope in the request:

api/workflow.basic api/workflow.advance api/settings.all

  • On receiving this, the developer needs to call the token URL with clientid and secret to get this access token. Here is the sample request and response:

  • The token is valid for 1 hour. The developer needs to check its expiry time before sending this token in the Rest API request. If it expires then first generate a new token and use this.

  • Please send this token in header Authorization in request header while calling Rest API

Sample Header:

Authorization:eyl2233434_KpYvv4ZL---YCj09D8N0xv---LKdLhw Content-Type:application/json

The receiver system will then validate the token and grant access if the token is valid.


โ€‹

Did this answer your question?