🖍️
Dataloy VMS API Documentation
API Release 8.5
API Release 8.5
  • Dataloy VMS API
  • Dataloy Rest API
    • What is it?
    • Authentication / Authorization
    • Getting Started
    • Data Model
    • Filtering
    • Sorting
    • Pagination
    • Adjust Number of Fields to be Returned from a Request
    • Webhooks
      • Webhook example
      • Expressions Made Easy
      • Webhooks - New functionalities
    • Master data Objects
    • Attachments
    • Audit Log
  • User Guides
    • Accounting Integration API
      • Invoicing
      • Payments/Receipts
      • Voyages
      • Business Partners
      • Exchange Rates
      • Bunker Transactions
      • Actuals
      • Autopost Invoices
      • Accruals
    • Schedule API
    • Bunker Order Integration API
    • Service Order Integration API
    • Vessel Report
      • Release 8.5
      • Release 8.0
      • Release 7.3 - 7.12
      • Release 7.0 - 7.2
      • Release 6.29 - 6.46
      • Legacy version (6.26 - 6.28)
      • Vessel report master data
    • Bunker Consumption API
    • Left join in API queries
    • Enterprise functionalities
      • Versioning
      • Endpoint access control
      • Data access control via target object
      • Data access control via target object and security role
      • Data access control at object level
      • Fields access control
      • Alert Scripts
      • Websockets
      • Bulk Deletion
      • Copy objects
      • OR and AND operators in API queries
      • Sub queries
      • XML Transformation
      • Expressions
      • Bulk Update
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Dataloy Rest API

Authentication / Authorization

Authentication and authorization is done through OAuth 2.

To get access to the protected resources OAuth 2.0 uses Access Tokens. An Access Token is a string representing the granted permissions.

To access to Dataloy API, you must request an Access Token.

To obtain an access token you need to do a POST request, to the provided URL, passing the client id and client secret in the payload

Example of POST payload to token URL

Parameters

Parameter Name
Description

grant_type

Set this to "client_credentials".

client_id

Your M2M Client ID.

client_secret

Your M2M Client Secret.

audience

The audience for the token, which is your API. For production environments use "https://dataloy". For test and DEV environments use "https://dataloy.dev"

Response

If all goes well, you'll receive an HTTP 200 response with a payload containing access_token, token_type, and expires_in values:

Call API endpoint

To call an API endpoint you must pass the retrieved Access Token as a Bearer token in the Authorization header of your HTTP request.

curl https://{URL}/ws/rest/{Resource}-H "Authorization: Bearer eyJ.........qLbZQ"

When an endpoint is invoked with an expired token the server sends a HTTP 401 response with the following payload:

The client should not ask for a new token for each call but use the same token as long as it is valid.

PreviousWhat is it?NextGetting Started

Was this helpful?

{
"client_id":"G99j845dM4MtckQlKt8E6o......",
"client_secret":"-mMElVOMzvht2SyQPfVh-WIaPCbOxRdWN5YngBxtBKybQmli-....",
"audience":"https://dataloy.internal",
"grant_type":"client_credentials"
}
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1....................fXClgZe2pFQBxPqARz9xfWlrFnc1El34ZPyRLoGlLIJLiE0NvOA1JLWycXCNo9N7AenAKEbj-gb2eW4TnpAiidDRmMV3m36UCuRAxWdVcvsRaJxXcquf79wAgEoEKriJklCxwKOnOyngbTZ2vDNim0nrw6-W0NOjRARkkY_w-188dY829z_urjsWuCC7TOMwfrQDLL2h72L2UrqlyL0hHMGQesau6h8KUsGg3EIoWPQ-Pf6o2CNCtGyr7DNuuLpCw9HqXiz5v-RIvKLBoaRMAAJJqBeXvpPvOcyicBlalcTWB5NMCe6Ldi9xqFmwjhO1CAtIk9QUa8wsOcXxg",
"expires_in": 86400,
"token_type": "Bearer"
}
{
    "statusCode": 401,
    "statusText": "Unauthorized",
    "message": "Token expired.",
    "date": "2019-11-13T06:26:01",
    "statusFamily": "CLIENT_ERROR",
    "method": "GET",
    "uri": "http://platform-dev.dataloy.com/ws/rest/Cargo?filter=subCargos.freight%28GTE%292500000"