Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Update of REST AuthN instructions per DS-2898

...

curl -s -H "Accept: application/xml" http://localhost:8080/rest/communities | xmllint --format - 

 

Example usage from command line in JSON format with pretty printing:

...

MethodEndpointDescription
GET/REST API static documentation page
POST/login

Login to the REST API using a DSpace EPerson (user). It returns a token JSESSIONID cookie, that can be used for future authenticated requests (as a value of the rest-dspace-token request header).

Example Request:

Code Block
curl -
H "Content-Type: application/json" --data '{"email":"admin@dspace.org", "password":"dspace"}' http://localhost:8080/rest/login

Example Response:

1febef81-5eb6-4e76-a0ea-a5be245563a5

v "https://dspace.myu.edu/rest/login?email=admin@dspace.org&password=dspace"

Example Response:

Code Block
HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8; Path=/rest/; Secure; HttpOnly

Example of using JSESSIONID cookie for subsequent (authenticated) requests:

Code Block
curl -v "https://dspace.myu.edu/rest/status" --cookie "JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8"
# This should return <authenticated>true</authenticated>, and information about the authenticated user session

Invalid email/password combinations will receive an HTTP 403 Forbidden.

POST/logout

Logout from the REST API, by providing a header rest-dspace-token401 Unauthorized response.

Please note, special characters may need to be HTTP URL encoded. For example, an email address like dspacedemo+admin@gmail.com (notice the + special character) would need to be encoded as dspacedemo%2Badmin@gmail.com.

POST/logout

Logout from the REST API, by providing a JSESSIONID cookie. After being posted this token cookie will no longer work.

Example Request:

Code Block
curl -X POST -
H "Content-Type: application/json" -H "rest-dspace-token: 1febef81-5eb6-4e76-a0ea-a5be245563a5" http://localhost:8080/rest/logout
v "https://dspace.myu.edu/rest/logout" --cookie "JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8"

After posting a logout request, cookie is invalidated and the "/status" path should show you as unauthenticated (even when passing that same cookie). For example:

Code Block
curl -v "https://dspace.myu.edu/rest/status" --cookie "JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8"
# This should show <authenticated>false</authenticated>

Invalid token will result in HTTP 400 Invalid Request

GET/test

Returns string "REST api is running", for testing that the API is up.

Example Request:

Code Block
curl
http://localhost:8080/rest/test

Example Response:

REST api is running.

GET/status

Receive information about the currently authenticated user token.

Example Request:

curl -X GET -H
 https://dspace.myu.edu/rest/test

Example Response:

Code Block
REST api is running.
GET/status

Receive information about the currently authenticated user token.

Example Request (XML by default):

Code Block
curl -v "https://dspace.myu.edu/rest/status" --cookie "JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8"

Example Request (JSON):

Code Block
curl -X GET -H "Content-Type: application/json" -H
"Accept: application/json" -H "rest-dspace-token: f2f478e2-90f2-4e77-a757-4e838ae94154" http://localhost:8080/rest/statusExample Response:
 "Accept: application/json" -v "https://dspace.myu.edu/rest/status" --cookie "JSESSIONID=6B98CF8648BCE57DCD99689FE77CB1B8"

Example JSON Response:

Code Block
{"okay":true,"authenticated":true,"email":"
admin@dspace
dspacedemo+admin@gmail.
org
com","fullname":"DSpace
Administrator","token":"f2f478e2-90f2-4e77-a757-4e838ae94154
 Administrator"}

Communities

Communities in DSpace are used for organization and hierarchy, and are containers that hold sub-Communities and Collections. (ex: Department of Engineering)

...