Authentication

Web service calls are authenticated by verifying that a valid authentication token is in the header of the request. Following are instructions and examples using Postman.

  1. In the Postman app, open a new tab by clicking the +

  2. Obtain an authentication token by a post to the authorizations endpoint.

    1. Select POST for the request

    2. Enter the URL

      1. The URL for the endpoint is https://xxx.studytrax.com/api/v1/authorizations. Change "xxx" to the prefix of the server you are targeting (e.g., "my" if target is https://my.studytrax.com).

    3. Select Body

    4. Select raw

    5. Select JSON in the dropdown

    6. In the body of the request, supply JSON with properties “username” and “password”

      1. For example {username: "myUsername", password: "myPassword"}

      2. Note, it may be helpful to create a user specifically for doing API calls. The user can be flagged as a “service account”, which means the user’s password will not expire and will not need multifactor authentication even if it is required at the customer level. Moreover, the user’s permissions can be limited to the functions needed for the API calls.

    7. Click Send

    8. If the request is successful, the response will contain JSON that has the authentication token as the authorization property.

  3. Add the authentication token to the header

    1. Select Headers

    2. Enter “x-authorization” in the KEY field

    3. Enter the authorization token in the VALUE field

  4. Continue to Import Subject Data or Export Data Sets