Authentication
Via user
Some protected API routes are secured with a bearer token. To access such a route, an "Authorization" header has to be appended with the content "Bearer <token>". A valid token can be retrieved by calling the login API. The following routes are affected:
/api/v2/my/products
/api/v2/my/products/apps
/api/v2/my/subscrptions
In addition you can use this to activate your device. See #activate-device-via-user-license for details.
Via session id
Some protected API routes require a session id. To access such a route, an "X-Session-Id" header has to be appended with the session id as the content. For getting a session id see Acquiring a session id. The following routes are affected:
/api/v2/device/license/validate
/api/v2/manifests/{app}/{version}
/api/v2/tokens
Acquiring a session id
A successful device activation produces an initial session id which you can use to authenticate API calls. After some time the session id will expire. The console will set a currently valid session id in the "X-Session-Id" header of all responses on routes that require a session id for authentication. You should inspect the session id of all responses and switch to the new session id as soon as it changes.
Device activation
There are two ways to activate your device which will be explained in the following.
Activate device via user
Activating a device via a user consumes a license which can not be used again
The route /api/v2/device/license/activate
can be used to activate your device by providing an "Authorization" header as seen in Via user. On successful activation the console will respond with a valid session id and a license key. Put your license key somewhere save as you can reactivate your device via this license key if you lose your session id (e.g. after your device was factory reset). See Activate device via license key.
Activate device via license key
The route /api/v2/device/license/activate
can be used to activate your device by providing a license key in the request body. On successful activation the console will respond with a valid session id and a license key. This license key can be used to reactivate your device in case you lose your session id, but this will invalidate the previously used session id.
Last updated