Overview
Error Handling

Methods

API Documentation (API Version v1)

Account/Auth/

DESCRIPTION

This section contains methods to update and use an account's authentication credentials.

expireToken

URL:

https://api.stormondemand.com/v1/Account/Auth/expireToken

Description:

This method will expire an existing token immediately instead of waiting for it to expire on its own. This is useful if you want to forcibly stop the use of a token for security reasons.

Parameters:

No Values Defined

Returns:

FieldType
expiredA boolean value (0 or 1).

Possible Errors:

Refer to the Error Handling documentation for the list of exception types

token

URL:

https://api.stormondemand.com/v1/Account/Auth/token

Description:

Authentication tokens are short-term alternative credentials for an account. Once a user logs in with their password, you should use that password to generate an authentication token, which can be cached by your application. The authentication tokens time out after a specified period of inactivity (defaults to 15 minutes, maximum time is 1 hour).

Tokens can be kept alive by calling this method again before the token expires, up to a maximum of 12 hours. After 12 hours, the token will be expired permanently and a new token will need to be retrieved using the original password for your user.

Examples:

A token can be used to provide better password security, while still allowing an application to store credentials temporarily to avoid repeated logins.

1. User logs in with their real password 2. You use that password to get a token 3. You store the token in their session and use it to authenticate on successive page hits.

This allows you to avoid the insecurity of storing their password in their session. And since the token is only good for a limited amount of time, the potential security threat is minimized.

Parameters:

ParameterType
timeoutA positive integer value (i.e. 1 and up).

Returns:

FieldType
expiresA valid unix epoch value (the number of seconds since Jan 1, 1970).
tokenA base64 string, consisting of letters, digits, +, /, possibly terminated by zero to two "=" characters

Possible Errors:

Refer to the Error Handling documentation for the list of exception types