Brigadehub currently uses third-party OAuth for authentication into the system. As of right now, only Github OAuth has been implemented, but other implementations are being discussed/worked on.
The API also uses JWTs (JSON Web Tokens) assigned on OAuth handshake for subsequent authentication.
||Depending on the feature needed by brigadehub, it will require different scopes, initial being publicly accessible information, and escalating to full access for admins of Brigadehub.
Once complete, this endpoint will return to a predefined redirect URI with the JWT attached to the query string:
When making requests, either attach the token to your request header in the form of an
Authentication Bearer token, or to your url query parameters with the key
http://locahost:5465/api/users?token=yourjwt.tokengoes.here12345678&createdAt__gt=1483747200000 curl -X GET -H "Authorization: Bearer yourjwt.tokengoes.here12345678" http://localhost:5465/api/users?createdAt__gt=1483747200000
To logout, send a request to
/logout, and delete the token from wherever you have it stored.