Authentication and Token Management
NLS User License and Tokens
- The amount of tokens you can generate is tied to the amount of Users purchased with your NLS license or max concurrent user connection.
- Each token will count as one active user.
- NLS client logins and tokens are totaled together in active_users table and is checked on each token fetch request.
If the max number active users has been reached, the following NLS License Error is returned: Maximum number of concurrent users reached.
Authentication Server
Nortridge API authentication system is driven by the auth server and is implemented with OpenID Connect and OAuth 2.0 protocols using IdentityServer3
Restful Authentication
Once you are signed up with Restful API you may contact NLS Support for credentials to generate a token. Required fields for authentication:
- NLS Username
- NLS Password
- ClientID
- Secret
- Scope
Token Management
The auth server will provide the openID configuration endpoints used for managing tokens.
- Get Access Token - Postman example to request a new access token.
- Revoke Access Token - Postman example to revoke an access token.
- Refresh Access Token - Postman example to refresh an access token.
General guidelines to follow
- A token is set to expire in 5 minutes.
- Each api request requires a valid auth token.
- The same token may be used multiple times before it expires.
- You can actively revoke a token when is it is no longer in use.
Updated over 2 years ago