Protocols/WebAPI/Auth/Client/logout: Difference between revisions

From NINA Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
{{Protocols/WebAPI}}
{{Protocols/WebAPI}}


This page is about the logout method for [[Protocols/WebAPI/Auth|WebAPI authentication]].
This page is about the logout method for [[Protocols/WebAPI/Auth/Client|WebAPI Client]] authentication.


Terminates the user's authentication session and invalidates the Authentication Tokens obtained via 'clientLogin' method.
Terminates the user's authentication session and invalidates the Authentication Tokens obtained via 'clientLogin' method.
Line 28: Line 28:
*** Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
*** Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
**** Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response.
**** Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response.
*** Please refer to [[Protocols/WebAPI/Auth/Signing_Requests|Signing Requests]] for information about how to generate signature.
*** Please refer to [[Protocols/WebAPI/Auth/Client/Signing_Requests|Signing Requests]] for information about how to generate signature.


== Response Format ==
== Response Format ==
Line 110: Line 110:
[[Category:AIM]]
[[Category:AIM]]
[[Category:Protocols/WebAPI]]
[[Category:Protocols/WebAPI]]
[[Category:Protocols/WebAPI/Auth]]
[[Category:Protocols/WebAPI/Auth/Client]]
[[Category:Work_In_Progress]]
[[Category:Work_In_Progress]]

Revision as of 22:53, 25 March 2020

WebAPI Protocol
Basic
Introduction
Clients
Whimsicals
Host Interaction
Flow
Authentication
Client
WebApp
Other Services
Foodgroups

This page is about the logout method for WebAPI Client authentication.

Terminates the user's authentication session and invalidates the Authentication Tokens obtained via 'clientLogin' method.

Initial Request

  • URL
    • http(s)://api.screenname.nina.bz/auth/logout
  • HTTP Method
    • GET or POST
  • Arguments
    • devId (required)
      • your developer Id required to access NINA APIs
    • f (required)
      • the required format of the response (XML, JSON, or the query string)
    • s (optional)
      • the loginID of the source user (if known)
    • language (optional)
      • the required language and locale of the error/status messages. This is always in "<lang>-<locale>" format. The lang is the 2 letter language code for I18N (default: en) and the locale is the 2 letter Locale code for I18N (default: us). If not passed in, the language will be extracted from HTTP header (Accept-Language) and if that is not available will default to "en-us". Check below for our current supported language list.
    • c (optional)
      • the callback method to use when using jsonp convention (argument f = json)
    • r (optional)
      • an URL safe string to be used as requestId - when passed it is returned back in the response
    • a (required)
      • the Authentication token returned by login or getToken methods
    • sig_sha256 (required)
      • Base64 encoded digital signature (HMAC-SHA256) of the request using the Session Key generated as below.
        • Session Key = base64_encode[HMAC-SHA256(key, data)] where key is the user's password and data is the session secret obtained from clientLogin response.
      • Please refer to Signing Requests for information about how to generate signature.

Response Format

The XML standard wrapper

       <response>
            <statusCode />
            <statusText />
            <statusDetailCode />
            <requestId />
            <data>
                 ....
            </data>
       </response> 

The JSON standard wrapper

   {"response":{
        "statusCode":""
        "statusText":"",
        "statusDetailCode":""
        "requestId":""
        "data":{
              ....
        } 
   }}

Query String

The following parameters will be returned back as name-value string in URL Query String format (name=value&name=value&...):

  • statusCode
  • statusText
  • statusDetailCode
  • requestId

Error Codes

  • 200 - Success (Ok)
  • 304 - Not modified
  • 400 - Invalid request
  • 405 - Method not allowed
  • 408 - Request timeout
  • 430 - Source rate limit reached
  • 440 - Invalid Key
  • 441 - Key usage limit reached
  • 442 - Key invalid IP
  • 443 - Key used from unauthorized site
  • 444 - token used from unauthorized site (Referer doesn't match the value in token)
  • 460 - Missing required parameter
  • 461 - Source required
  • 462 - Parameter error
  • 500 - Generic Server Error

Sample Response

XML

     <response xmlns="https://api.login.nina.bz">
        <statusCode>200</statusCode>
        <statusText>OK</statusText
     </response>

JSON

    {"response":{
        "statusCode":200,
        "statusText":"OK"
    }}

Query String

statusCode=200&statusText=OK