Brigadehub currently uses third-party OAuth for authentication into the system. As of right now, only Github OAuth has been implemented, but other implementations are being discussed/worked on.

The API also uses JWTs (JSON Web Tokens) assigned on OAuth handshake for subsequent authentication.


Method Endpoint Response Result
GET /auth/github 302, redirect to Github Auth Depending on the feature needed by brigadehub, it will require different scopes, initial being publicly accessible information, and escalating to full access for admins of Brigadehub.
Once complete, this endpoint will return to a predefined redirect URI with the JWT attached to the query string: http://localhost:5465/?token=yourjwt.tokengoes.here12345678 - Store this token in your application (localstorage, sessionstorage, cookies work well for this).

JWT Access

When making requests, either attach the token to your request header in the form of an Authentication Bearer token, or to your url query parameters with the key token:


curl -X GET -H "Authorization: Bearer yourjwt.tokengoes.here12345678" http://localhost:5465/api/users?createdAt__gt=1483747200000


To logout, send a request to /logout, and delete the token from wherever you have it stored.

results matching ""

    No results matching ""