Certain integrations may request a bearer token. LimaCharlie uses JWTs and the following article will explain how you can retrieve one.

LimaCharlie Cloud has a concept of API keys. Those are secret keys that can be created and named, and then in turn be used to retrieve a JWT that can be associated with the LC REST Api at https://api.limacharlie.io.

This allows construction of headless applications able to securely acquire time-restricted REST authentication tokens it can then use.

Getting a JWT

Simply issue an HTTP GET or HTTP POST (recommended) such as:

curl "https://app.limacharlie.io/jwt?oid=c82e5c17-d520-4ef5-a4ac-c454a95d31ca&secret=1b1ae891-4316-4124-b859-556dd92add00"

where the oid parameter is the organization id as found through the web interface and the secret parameter is the API key.

The return value is a simple JSON response with a jwt component which is the JWT token. This token is only valid for one hour to limit the possible damage of a leak, and make the deletion of the API keys easier.

A valid bearer token (with active access_token or refresh_token properties) keeps the user's authentication alive without requiring him or her to re-enter their credentials frequently. The access_token can be used for as long as it's active, which is up to one hour after login or renewal.

Did this answer your question?