{"info":{"_postman_id":"bc0d7094-1e80-42b3-bd4a-0071b84f321f","name":"Leankoala - Authentication","description":"The auth collection bundles all requests for authentication and autorization. ","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json"},"item":[{"name":"Token","item":[{"name":"create (by credentials)","event":[{"listen":"test","script":{"id":"54e5f9a4-2204-41b2-8e9e-aa98edac6ea9","exec":[""],"type":"text/javascript"}}],"id":"e152e8b4-66be-427d-a32b-2bfbf5bac9c2","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"noauth"},"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"},{"key":"x-run-dry","value":"{{dryRun}}","description":"If this value is set to true no databse elements will be created.","type":"text","disabled":true}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}\",\n\t\"password\": \"{{password}}\",\n\t\"with_memories\": true\n}"},"url":"{{kapi_server}}/v1/auth/tokens/access","description":"Retrieve a JSON web token with all rights for the given user. This token is valid for a limited time (15min). Additionally, a refresh token is attached in the response. Using this token it is possible to create a new valid access token for 24 hours via the `refresh` endpoint. "},"response":[{"id":"94c4b727-6a87-4158-9f11-cb89df6edc62","name":"Success","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}\",\n\t\"password\": \"{{password}}\"\n}","options":{"raw":{"language":"json"}}},"url":"{{kapi_server}}/kapi/v1/auth/tokens/access"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Wed, 19 Feb 2020 15:58:41 GMT"},{"key":"Server","value":"Apache/2.4.33 (Ubuntu)"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Upgrade","value":"h2"},{"key":"Connection","value":"Upgrade, Keep-Alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"Content-Encoding","value":"gzip"},{"key":"Content-Length","value":"606"},{"key":"Keep-Alive","value":"timeout=5, max=100"},{"key":"Content-Type","value":"application/json"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"message\": \"Token successfully created.\",\n    \"data\": {\n        \"user_id\": 1,\n        \"token\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1ODIxMjg4MjEsImFjY2VzcyI6eyJwcm9qZWN0LnN5c3RlbS5jcmVhdGUiOnsicHJvamVjdCI6WzEsMCwzLDEwMDAsNyw4LDksMTAwMSwxMDAzLDEwMDQsMTAwNSwxMDA2LDEwMDksMTAxMCwxMDEyLDEwMTMsMTAxNCwxMDE4LDEwMjAsMTAyMSwxMDIyLDEwMjMsMTAyNCwxMDI2LDEwMjddfSwicHJvamVjdC5zeXN0ZW0udXBkYXRlIjp7InByb2plY3QiOlsxLDAsMywxMDAwLDcsOCw5LDEwMDEsMTAwMywxMDA0LDEwMDUsMTAwNiwxMDA5LDEwMTAsMTAxMiwxMDEzLDEwMTQsMTAxOCwxMDIwLDEwMjEsMTAyMiwxMDIzLDEwMjQsMTAyNiwxMDI3XX0sInByb2plY3Quc3lzdGVtLmRlbGV0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LmNyZWF0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LnVwZGF0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LmRlbGV0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119fX0.Riw1KrsKuiF-qgRM157wD-jieWFTNAfL-Jrq9czUSl4\",\n        \"refreshToken\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1ODIxMjkzNjEsImFjY2VzcyI6eyJ0b2tlbi5yZWZyZXNoIjp7InVzZXIiOlsxXX19fQ.6GxqRrPLrH-6Qkz0akLWmp3xjVR0jwGdmBNvQKT9rCk\"\n    }\n}"},{"id":"b3965ab7-53bb-41f5-8262-da72a63f2966","name":"Forbidden","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}1\",\n\t\"password\": \"{{password}}\"\n}","options":{"raw":{"language":"json"}}},"url":"{{kapi_server}}/kapi/v1/auth/tokens/access"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Wed, 19 Feb 2020 15:59:59 GMT"},{"key":"Server","value":"Apache/2.4.33 (Ubuntu)"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Upgrade","value":"h2"},{"key":"Connection","value":"Upgrade, Keep-Alive"},{"key":"Keep-Alive","value":"timeout=5, max=100"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"error\",\n    \"message\": \"Password or username incorrect.\"\n}"}],"_postman_id":"e152e8b4-66be-427d-a32b-2bfbf5bac9c2"},{"name":"create read-only (by token)","event":[{"listen":"test","script":{"id":"54e5f9a4-2204-41b2-8e9e-aa98edac6ea9","exec":[""],"type":"text/javascript"}}],"id":"97cbff39-7819-48e1-a492-24e72b082d4f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"noauth"},"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"},{"key":"x-run-dry","value":"{{dryRun}}","description":"If this value is set to true no databse elements will be created.","type":"text","disabled":true}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}\",\n\t\"password\": \"{{password}}\",\n\t\"with_memories\": true\n}"},"url":"{{kapi_server}}/v1/auth/tokens/access","description":"Retrieve a JSON web token with all rights for the given user. This token is valid for a limited time (15min). Additionally, a refresh token is attached in the response. Using this token it is possible to create a new valid access token for 24 hours via the `refresh` endpoint. "},"response":[{"id":"4f5d593e-e573-4bd3-9f31-077b9934849f","name":"Forbidden","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}1\",\n\t\"password\": \"{{password}}\"\n}","options":{"raw":{"language":"json"}}},"url":"{{kapi_server}}/kapi/v1/auth/tokens/access"},"status":"Forbidden","code":403,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Wed, 19 Feb 2020 15:59:59 GMT"},{"key":"Server","value":"Apache/2.4.33 (Ubuntu)"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Upgrade","value":"h2"},{"key":"Connection","value":"Upgrade, Keep-Alive"},{"key":"Keep-Alive","value":"timeout=5, max=100"},{"key":"Transfer-Encoding","value":"chunked"},{"key":"Content-Type","value":"application/json"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"error\",\n    \"message\": \"Password or username incorrect.\"\n}"},{"id":"87e7007e-bcc8-4e1f-9897-82d84878f3d4","name":"Success","originalRequest":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{username}}\",\n\t\"password\": \"{{password}}\"\n}","options":{"raw":{"language":"json"}}},"url":"{{kapi_server}}/kapi/v1/auth/tokens/access"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"Date","value":"Wed, 19 Feb 2020 15:58:41 GMT"},{"key":"Server","value":"Apache/2.4.33 (Ubuntu)"},{"key":"Cache-Control","value":"no-cache, private"},{"key":"Upgrade","value":"h2"},{"key":"Connection","value":"Upgrade, Keep-Alive"},{"key":"Vary","value":"Accept-Encoding"},{"key":"Content-Encoding","value":"gzip"},{"key":"Content-Length","value":"606"},{"key":"Keep-Alive","value":"timeout=5, max=100"},{"key":"Content-Type","value":"application/json"}],"cookie":[],"responseTime":null,"body":"{\n    \"status\": \"success\",\n    \"message\": \"Token successfully created.\",\n    \"data\": {\n        \"user_id\": 1,\n        \"token\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1ODIxMjg4MjEsImFjY2VzcyI6eyJwcm9qZWN0LnN5c3RlbS5jcmVhdGUiOnsicHJvamVjdCI6WzEsMCwzLDEwMDAsNyw4LDksMTAwMSwxMDAzLDEwMDQsMTAwNSwxMDA2LDEwMDksMTAxMCwxMDEyLDEwMTMsMTAxNCwxMDE4LDEwMjAsMTAyMSwxMDIyLDEwMjMsMTAyNCwxMDI2LDEwMjddfSwicHJvamVjdC5zeXN0ZW0udXBkYXRlIjp7InByb2plY3QiOlsxLDAsMywxMDAwLDcsOCw5LDEwMDEsMTAwMywxMDA0LDEwMDUsMTAwNiwxMDA5LDEwMTAsMTAxMiwxMDEzLDEwMTQsMTAxOCwxMDIwLDEwMjEsMTAyMiwxMDIzLDEwMjQsMTAyNiwxMDI3XX0sInByb2plY3Quc3lzdGVtLmRlbGV0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LmNyZWF0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LnVwZGF0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119LCJwcm9qZWN0LmRlbGV0ZSI6eyJwcm9qZWN0IjpbMSwwLDMsMTAwMCw3LDgsOSwxMDAxLDEwMDMsMTAwNCwxMDA1LDEwMDYsMTAwOSwxMDEwLDEwMTIsMTAxMywxMDE0LDEwMTgsMTAyMCwxMDIxLDEwMjIsMTAyMywxMDI0LDEwMjYsMTAyN119fX0.Riw1KrsKuiF-qgRM157wD-jieWFTNAfL-Jrq9czUSl4\",\n        \"refreshToken\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1ODIxMjkzNjEsImFjY2VzcyI6eyJ0b2tlbi5yZWZyZXNoIjp7InVzZXIiOlsxXX19fQ.6GxqRrPLrH-6Qkz0akLWmp3xjVR0jwGdmBNvQKT9rCk\"\n    }\n}"}],"_postman_id":"97cbff39-7819-48e1-a492-24e72b082d4f"},{"name":"create (by credentials, expire false)","event":[{"listen":"test","script":{"id":"54e5f9a4-2204-41b2-8e9e-aa98edac6ea9","exec":[""],"type":"text/javascript"}}],"id":"e455c982-811c-4c50-b54d-683c194b893f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"auth":{"type":"basic","basic":{"password":"lean","username":"koala"}},"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"},{"description":"If this value is set to true no database elements will be created.","key":"x-run-dry","type":"text","value":"{{dryRun}}","disabled":true}],"body":{"mode":"raw","raw":"{\n\t\"username\": \"{{user_monitor}}\",\n\t\"password\": \"{{password_monitor}}\",\n\t\"expire\": false\n}"},"url":"{{kapi_server}}/v1/auth/tokens/access","description":"This endpoint works like the `create (by credentials)` endpoint. Only the `expire` flag is set in the parameters. This means that the returned token will not expire but on every request this token is used the user rights are calculated again (which slows the API down). This flag can be used for other tools that continuously try to fetch data and are not able to handle the refreh token."},"response":[],"_postman_id":"e455c982-811c-4c50-b54d-683c194b893f"},{"name":"refresh","id":"494e0166-f75b-494c-bef5-d796ae69096e","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"},{"key":"x-dry-run","value":"false","type":"text"}],"body":{"mode":"raw","raw":"{\n\t\"access_token\": \"{{refresh_token}}\"\n}"},"url":"{{kapi_server}}/v1/auth/tokens/refresh/1","description":"When creating a JWT access token the response also contains a JWT refresh token. Using this token it is possible to get a valid access token without resending the username and password.\n\nThis endpoint is used to get a fresh access token using the refresh token. "},"response":[],"_postman_id":"494e0166-f75b-494c-bef5-d796ae69096e"},{"name":"create (internal)","id":"53a28bbb-48b8-48ab-8c99-b662fd581d8a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\n\t\"access_token\": \"{{access_create_token}}\"\n}","options":{"raw":{"language":"json"}}},"url":"{{kapi_server}}/v1/auth/tokens/1","description":"**This request is only used by Leankoala internally.**\n\nThis endpoint will create an access and refresh token. It takes a valid JWT that is allowed to call action `token.create`.\n\n"},"response":[],"_postman_id":"53a28bbb-48b8-48ab-8c99-b662fd581d8a"}],"id":"80c23068-481c-4396-80cb-86f4311939d3","description":"Leankoala is using JSON web tokens to authenticate and authorize users. Leankoala users can log in via username and password using the `createByCredentials` endpoint. This will return a JWT that must be used for the next API calls.","_postman_id":"80c23068-481c-4396-80cb-86f4311939d3"}],"event":[{"listen":"prerequest","script":{"id":"d17e7f98-ca85-4a94-b3dd-e2501308b38a","type":"text/javascript","exec":[""]}},{"listen":"test","script":{"id":"ff0f3036-0dce-4aa4-ae93-3748617cc19a","type":"text/javascript","exec":["pm.test(\"Status is successful\", function () {","    var jsonData = pm.response.json();","    pm.expect(jsonData.status).to.eql(\"success\");","});","","pm.test(\"Status code is 200\", function () {","    pm.response.to.have.status(201);","});","","pm.test(\"Access-Control-Allow-Origin (CORS) is present\", function () {","    pm.response.to.have.header(\"Access-Control-Allow-Origin\");","});"]}}]}