This command retrieves a token from an ExtraView instance, in order that the token may be used in subsequent API calls without the need for these subsequent API calls to send the password in clear text. The protocol used to generate the token and to apply this is termed OAuth2. When a valid token is generated, it has an expiry date and time, based upon the value in the behavior setting named OAUTH2_TOKEN_LIFETIME_SECONDS. After the token expires, a new token must be requested, again using the get_token command. If an API request is made using an expired token, the server treats the call as an invalid sign on and access is refused.
https://www.myserver.com/evj/ExtraView/ev_api.action?
user_id=username
&password=password
&statevar=get_token
[&ev_send_xml=false | true]
The token is returned as plain text, unless the parameter ev_send_xml is set to true, in which case the token is returned within an XML format.
Example 1: Send the URL:
https://www.myserver.com/evj/ExtraView/ev_api.action?user_id=my_user_id&password=my_password&statevar=get_token
This returns:
Token:x3o4xNX8xYm4gRE5YrtLPq3Bybtav9Xao8VBI1oPtz8
Type:Bearer
Lifetime:3600
Expiration Date:2020-07-02 18:39:48.818 -0700
Scope:read write
Example 2: Send the URL:
https://www.myserver.com/evj/ExtraView/ev_api.action?user_id=bsmith&password=bill&statevar=get_token&ev_send_xml=true
This returns:
<?xml version="1.0" encoding="UTF-8"?><access_token>
<value> ayBNRrDElFvyv7yrTlT2rAiOkCtth1Ez9M7cQyh1hHc </value>
<type> Bearer </type>
<lifetime> 3600 </lifetime>
<Expiration Date> 2020-07-02 18:39:48.818 -0700 </lifetime>
<scope> read write </scope>
</access_token>
At this point in time, the type and scope within the returned data have no meaning.
Once a valid token is returned, you may use this in subsequent API calls, with the following being an example - note there is no User ID or Password parameters:
https://www.myserver.com/evj/ExtraView/ev_api.action? access_token=ayBNRrDElFvyv7yrTlT2rAiOkCtth1Ez9M7cQyh1hHc&statevar=fields&include_fields=y
