# API Authorization

Authorization methods are located in User-service.


{% hint style="danger" %}
**VERY IMPORTANT! Read it carefully:**

Almost all responses contain DeviceToken, AccessToken and RefreshToken. We are currently in a transition period of moving to a new platform. The existing platform already operates with both DeviceToken and AccessToken. We strongly recommend storing all three tokens so that you can switch smoothly between platforms in the near future.\
\
After registration you will receive an accessToken with a JWT and a refreshToken. Use the JWT for the user's authorized requests. The JWT has a limited lifetime, after which it expires. When your JWT has expired, you should refresh it.\
\
Here you can find information about how JWT works: <https://jwt.io/introduction/>\
\
We will support the old platform till November 01, 2021 and keep all our clients informed about progress and required steps.
{% endhint %}

{% hint style="warning" %}
To get and manage the data of an individual user, you need to authorize with the user's deviceToken (or JWT token in some cases), the user's InstanceID and InstanceKey.\
\
To get and manage consolidated and accumulated data of user groups and all other users separately from your back-end, you need to authorize in the API as admin with API Authorization Credentials.
{% endhint %}

## Authorization Types

| **API Services with authorization required**                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | **Authorization type**                                | **How to authorize in API**                                                                                                                                      |
| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| <ul><li><a href="https://docs.telematicssdk.com/back-end-to-back-end-integration/user-statistics-1/individual-statistics-and-scorings">Individual user Statistics and Scorings API</a></li><li><a href="https://docs.telematicssdk.com/platform-features/streaks#individual-streaks">Individual user's Streaks</a></li></ul>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | Authorize as User                                     | <p><strong>InstanceID:</strong> User Group InstanceID</p><p><strong>Login:</strong> User DeviceToken</p><p><strong>Password:</strong> User Group InstanceKEY</p> |
| <ul><li><a href="../platform-features/back-end-as-a-service">User Management API</a></li><li><a href="https://docs.telematicssdk.com/back-end-to-back-end-integration/user-statistics-1/accumulated-statistics-and-scorings">Accumulated Statistics and Scorings API</a> by a single user or a list of users in a single User Group (InstanceID)  </li><li><a href="get-started-statistics-and-scoring-apis/consolidated-scorings-and-statistics">Consolidated Statistics and Scorings API</a> by a single User Group (InstanceID)</li><li><p><a href="https://docs.telematicssdk.com/platform-features/streaks#accumulated-streaks">Accumulated Streaks</a> by a single user or a list of users in a single User Group (InstanceID)  </p><p> </p></li><li><a href="https://docs.telematicssdk.com/platform-features/heartbeats">Heartbeats</a> (User(s) Permissions status)</li></ul> | Authorize as Admin with API Authorization Credentials | <p><strong>InstanceID:</strong> API InstanceID</p><p><strong>Login:</strong> API Login</p><p><strong>Password:</strong> API Password</p>                         |

## API Authorization Credentials

Go to your **Management** page in **DataHub** and generate **API Authorization Credentials**. Use the provided credentials to get access to the API.\
*If you do not have access to the Management page, please ask a colleague with Company Access to DataHub to provide you with these credentials.*

![API Authorization Credentials](https://2858820347-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LtaiRtygxVgZO0fJZJ-%2F-MIdYZg8LK8iayk0v5mZ%2F-MIdZqNvEjFF2Sjt7xLC%2FScreen%20Shot%202020-10-02%20at%2015.49.24.png?alt=media\&token=1e4bfb46-5af1-4ad1-8227-06d120228edf)

## Authorization

<mark style="color:green;">`POST`</mark> `https://user.telematicssdk.com/v1/Auth/Login`

This method logs you into the API and gives you access to sensitive information.\
\
**Authorization**: Allow Anonymous

#### Headers

| Name       | Type   | Description                               |
| ---------- | ------ | ----------------------------------------- |
| InstanceID | string | User Group Instance ID or API Instance ID |

#### Request Body

| Name        | Type   | Description                             |
| ----------- | ------ | --------------------------------------- |
| LoginFields | string | User deviceToken or API Login           |
| Password    | string | User group Instance Key or API Password |

{% tabs %}
{% tab title="200 " %}

```
{
  "Result": {
    "DeviceToken": "String",
    "AccessToken": {
      "Token": "String",
      "ExpiresIn": 1209600 // milliseconds
    },
    "RefreshToken": "String"
  },
  "Status": 200,
  "Title": "",
  "Errors": []
}
```

{% endtab %}
{% endtabs %}

### Request body format

#### Authorize as user

```
{
  "LoginFields": {"deviceToken": "deviceToken"},
  "Password": "InstanceKEY"
}
```

#### Authorize as Admin with API Authorization Credentials

```
{
  "loginFields": {"Email":"4DED@auth.me"},
  "password": "Password"
}
```

### curl Request:

{% tabs %}
{% tab title="Curl request" %}

```
curl -X POST "https://user.telematicssdk.com/v1/Auth/Login" \
  -H "accept: */*" \
  -H "InstanceId: String" \
  -H "InstanceKey: String" \
  -H "Content-Type: application/json-patch+json" \
  -d '{"loginFields":{"Email":"myemail@mydomain.com"},"password":"P@ssword"}'
```

{% endtab %}
{% endtabs %}


{% hint style="danger" %}
Once you log in and receive your credentials, you have to be authorized for further actions. Please use Open Auth authorization.

Use **`"Authorization": "Bearer {Token}" // required`** in the header of any method that requires authorization.\
{Token} is the JWT that you get in the /v1/Auth/Login method response.

Please note that the AccessToken expires every 2 hours. You have to update it every 2 hours using the [refresh token and method **POST /v1/Auth/RefreshToken**](https://docs-old.telematicssdk.com/user-statistics-and-analytics/broken-reference)

**We recommend keeping both the AccessToken and the RefreshToken and setting a schedule to refresh the AccessToken, to get seamless access to the telematics platform, APIs and services**
{% endhint %}
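The token handling described above, as an added client-side sketch (not code from the platform or its SDK): it stores the three tokens from a login response, tracks when the AccessToken must be refreshed, and checks the Bearer value locally, since this page notes further down that the API returns no error for a malformed value. `TokenStore`, `bearer_header`, the 60-second margin and the sample token values are assumptions made for illustration; the refresh call itself is left out because its request format is not given on this page.

```python
import json
import re
import time

# Compact JWT form: three non-empty base64url segments separated by dots.
JWT_RE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$")
REFRESH_MARGIN_S = 60  # assumption: refresh one minute before expiry

# Constructed sample in the shape of the 200 response above (token values are fake).
SAMPLE_LOGIN_RESPONSE = json.dumps({
    "Result": {
        "DeviceToken": "sample-device-token",
        "AccessToken": {"Token": "aGVhZGVy.cGF5bG9hZA.c2lnbmF0dXJl", "ExpiresIn": 1209600},
        "RefreshToken": "sample-refresh-token",
    },
    "Status": 200, "Title": "", "Errors": [],
})

def bearer_header(token):
    """Build the Authorization header, rejecting malformed values before sending."""
    token = token.strip()
    if token.lower().startswith("bearer "):
        token = token[7:].strip()  # tolerate a value that already has the prefix
    if not JWT_RE.match(token):
        raise ValueError("access token is not a three-segment JWT")
    return {"Authorization": f"Bearer {token}"}

class TokenStore:
    """Holds the three tokens from a login response and tracks access-token expiry."""
    def __init__(self, raw_response, now=None):
        body = json.loads(raw_response)
        if body.get("Status") != 200 or body.get("Errors"):
            raise ValueError(f"login failed: {body.get('Errors')}")
        result = body["Result"]
        self.device_token = result["DeviceToken"]
        self.access_token = result["AccessToken"]["Token"]
        self.refresh_token = result["RefreshToken"]
        issued = time.time() if now is None else now
        # The sample response labels ExpiresIn as milliseconds.
        self.expires_at = issued + result["AccessToken"]["ExpiresIn"] / 1000.0

    def needs_refresh(self, now=None):
        return (time.time() if now is None else now) >= self.expires_at - REFRESH_MARGIN_S

    def auth_headers(self, now=None):
        if self.needs_refresh(now):
            raise RuntimeError("access token stale: refresh it before calling the API")
        return bearer_header(self.access_token)
```

Keep the stored tokens out of logs and source control; they grant the same access as the credentials used to obtain them.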


## Authorization via Swagger

Swagger: <https://user.telematicssdk.com/swagger/index.html>

### Login

#### Request

{% hint style="info" %}
Please have the API's InstanceID ready
{% endhint %}

![](https://2858820347-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LtaiRtygxVgZO0fJZJ-%2F-MGJ5F5HuxU6OD0SvDj6%2F-MGJFw_tZu7i2Jqa3y30%2FScreen%20Shot%202020-09-03%20at%2015.58.56.png?alt=media\&token=23a6b876-d9b9-4327-af5a-00fc7f96bf4d)

#### Response

```
{
  "Result": {
    "DeviceToken": "String",
    "AccessToken": {
      "Token": "String",
      "ExpiresIn": 1209600
    },
    "RefreshToken": "String"
  },
  "Status": 200,
  "Title": "",
  "Errors": []
}
```

### Authorization

![](https://2858820347-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LtaiRtygxVgZO0fJZJ-%2F-M2ckhr5Enpu-Vm77yby%2F-M2crSk17af82wY8UF-1%2Fimage.png?alt=media\&token=e1c70875-d9fe-4e52-88cb-70aa6b86cdf0)

![](https://2858820347-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LtaiRtygxVgZO0fJZJ-%2F-M2ckhr5Enpu-Vm77yby%2F-M2cr4NZ_HBbU_njhMUZ%2Fimage.png?alt=media\&token=272efd80-27db-4ee7-907e-c16d2a0babed)

Please add `Bearer {JWT}` to the authorization form.

{% hint style="danger" %}
Make sure you use the proper value format.
{% endhint %}

#### Example of format

```
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.{payload}.Cy2c_FowBg4Ts1aPsKILn5-uI8NcY9dVIB4w9f8a8rY
```

{% hint style="danger" %}
For security purposes, the API will accept any value with no error message. However, if you use an incorrect value, you won't be able to get information from the sensitive API.
{% endhint %}
