Authentication and Authorization

Authentication & Authorization

Introduction

Web API 3 provides a new way of communicating with Cryptolens. Instead of having different access levels (where permission is given on a global level), Web API 3 provides a uniform way of authentication and authorization (please see the explanation of terms below).

The access token is an additional parameter that you have to add to each request, i.e. token={accesstoken}. For example

https://api.cryptolens.io/api/key/GetKey?token={accesstoken}&ProductId=1234&Key=MUYVD-LSEBY-CXHRQ-XFAGY&Sign=True

Access Tokens

An access token is an easy way of identifying yourself to Cryptolens and ensuring that only a specified scope of permissions is given.

You can think of access tokens as your login credentials that are restricted to a certain scope of methods (in the Web API). Here's an example of an access token.

WyI0IiwiM0l0SlRwQTFTSUNDcXNXQXhsdG8ra0ZmQUU5L0wrVGZRUUQrZ1lybSJd

You can manage your access tokens on the Access Token page.

Note, an access token will only be shown once. There is no way of retrieving it once generated.

Please make sure that you treat each access token as your personal password. Although an access token has a restricted scope, it will be able to access products even if they are not set to IsPublic.

Create an Access Token

Scopes

A scope is a way of telling Cryptolens what an access token is allowed to do. It allows you to specify the allowed methods in Web API 3 and if you want to restrict it to a certain product or key. Let's look at them more in detail!

Method Lock

If you check a box for a specific method during access token creation, you will be able to use that token to enable that method only.

For example, if you check the Extend License box, you will be able to access that method only. If the box is not selected, you will get the message Access denied.

Product, Key or Feature Lock

Say that you've enabled access to certain methods in the Web API (as described) above. Now, the objective is to ensure that the token works with a certain product only. In this case, simply set Product lock to the product id of the desired product. The same can be done using Key lock, but instead, it will be locked to that particular key. Finally, the Feature lock will restrict to a certain feature.

In case you want the token to have access to all your products (or all keys inside a certain product), all you have to do is to enter 0 in either Product lock or Key lock.

Explanation of Terms

Authentication - It's a way of identifying yourself to Cryptolens, i.e. so that Cryptolens knows who is performing the request
Authorization - It's a way of making sure that only the desired permission is given to something.