API user access keys

To create an api access key for a specific user, the API expects a POST request. Unlike other API requests, an authorization header is not needed.

POST Authentication/ApiAccessKeys

Example request

   "username": "Quasimodo",
   "password": "VerySecretPassword",
   "officeCode": "YourBaseconeOfficeCode",
   "clientIdentifier": "81638f6b-2e84-4abb-ab61-634afb455d15",
   "clientSecret": "iaq2DGp243kYA2PcmuQYTqcQ26cBOFQ+t8U92S8JX1zZASnzwOmu680pFwVs/NPE2zoQDWzM0QSNdYRc"

Username, password and office code are the same credentials the user needs to log in to the Basecone Webportal. The client identifier and client secret are send by email when the client application was registered with Basecone.

Example response


Possible error responses

Status code Error code Details
400 user_credentials_invalid Credentials of specified user are not valid.
400 user_has_no_roles User has no roles assigned to him, user should have at least one role to be able to authenticate.
400 user_locked_out This user is temporarily locked out, due to too many failed authenticate requests.
400 client_credentials_invalid The credentials of the specified client application are not valid.