- How to get an API access token?
- How to work with Refresh Token and Access Token?
- How to Create and Deploy a Custom Publishing Activity?
- How to Create, Run, and Deploy a Custom Service?
- How to set or get the value of an attribute?
- How to create and manage a publishing channel?
- How to migrate configurations from one server to another?
- How to retrieve audit events?
- How to generate custom audit events?
- How to check-in an asset to the repository?
- How to verify the status of a checked-in asset?
- How to create a collection on the repository?
- How to publish a document?
How to work with Refresh Token and Access Token?
Authentication Flow
After you have logged in, Quark Publishing Platform NextGen generates a pair of tokens as credentials, which are Access token and Refresh token.
This is applicable only for authentication via a form-based username/password and SAML based SSO.
Acquire Refresh Token
After authentication, Quark Publishing Platform NextGen sets Refresh token as a HTTP cookie named ce-auth. Quark Publishing Platform NextGen validates ce-auth everytime you request to get or renew an Access token.
Quark Publishing Platform NextGen sets ce-auth as a session cookie or a long lived presistent cookie based on whether or not you have selected the option Remember Me on the login page.
Acquire Access Token
After authentication, you can get an Access token by invoking the following API:
GET/auth/accessTokenIn response, Quark Publishing Platform returns the following data:
- A JSON formatted object containing
a. token: A JWT based access token.
b. duration: Duration for which the token is valid.
c. rememberMe : A flag to identify if the user had requested the option of ‘Remember Me” in authentication flow. - The Access token, which is the value of the cookie named pwt.
Quark Publishing Platform NextGen validates pwt everytime you access a protected resource. Based on the resource, you must provide an Access token as a HTTP cookie or header along with request to access a resource.
Renew Access Token
An Access token or cookie expires soon (typically within 60 minutes). To continue working in Quark Publishing Platform NextGen without having to login again, you must renew the Access token using the same API that you use to get the Access token.
Default Expiry Configuration
- Refresh token: As long as the browser remains open (maximum 24 hours)
- Refresh token (with Remember me checked): 7 days
- Access token: 1 hour
If you have to access Quark Publishing Platform NextGen frequently, you must do either of the following:
• Periodically renew the access token
• Acquire an Access token before every batch of requests to API
You can acquire an Access token without authentication as long as the Refresh token is valid. When the Refresh token has expired, you get the error HTTP 401. In this case, Quark Publishing Platform NextGen displays the login page and you have to do the authentication again.
Get the Refresh Token as Text
You can use the following URL to get the Refresh token as text.
/auth/tokenQuark Publishing Platform NextGen displays the Refresh token as text after the authentication, which contains the credentials of the authenticated user.
You can use the Refresh token to acquire an Access token.
Sample Access Token
The following information is available in an Access token:
{ // Unique ID to track tokens and their relations "uuid": string; // User ID as in Platform "id": string; // Type of token "type": “access” | “refresh”; // login name of user in Platform "userName": string; // CE license assigned to user. "licenseType": “author” | “access” | null; // The tenant ID "tenant": string; // version of token format. Value may be used to identify depcrecated or unsupported tokens. // 2.0 Version introduces access and refresh token pairs, uuid // 1.0 tokens are still valid as access tokens. "version"= “2.0”; // refresh UUId from which access token is generated "refreshTokenId?": string; }