Staff User Authentication

Authenticate Staff User

POST /api/.../authentication/staffuser

Authorize a staff user. The staff authentication method uses standard HTTP Basic Authentication: the user agent sends its authentication credentials to the server in the HTTP Authorization header.

The Authorization header is constructed as follows:

  • Username and password are combined into a string "username:password".
  • The resulting string literal is then encoded using Base64.
  • The authorization method and a space, i.e. "Basic ", are then put before the encoded string.
  • Example result: Authorization: Basic TVlMSUJcQWxhZGRpbjpvcGVuc2VzYW1l

It is important to note that the domain name must be included with the username. For example, if the user agent is a member of the MYLIB domain and has 'Aladdin' as the username and 'opensesame' as the password, then the combined "username:password" would appear as:

  • MYLIB\Aladdin:opensesame

The header with Base64 encoding is formed as follows:

  • Authorization: Basic TVlMSUJcQWxhZGRpbjpvcGVuc2VzYW1l
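
The construction above as an added Python example (not part of the original Polaris documentation). It builds the header from the page's MYLIB\Aladdin sample, reverses it to show that Base64 protects nothing in transit or in logs, and redacts it for logging. The function names, the UTF-8 charset and the rejection of ':' and '\' in the domain and username are assumptions of this example.

```python
import base64

def build_basic_header(domain: str, username: str, password: str) -> str:
    """Return the Authorization header value for DOMAIN\\username:password."""
    if not domain or not username:
        raise ValueError("domain and username are both required")
    # The first ':' separates user-id from password (RFC 7617), so a colon
    # in the domain or username would shift the split point on the server.
    if ":" in domain or ":" in username:
        raise ValueError("domain and username must not contain ':'")
    if "\\" in domain or "\\" in username:
        raise ValueError("domain and username must not contain a backslash")
    # Assumption: credentials are encoded as UTF-8 before Base64.
    raw = f"{domain}\\{username}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic_header(value: str) -> tuple[str, str, str]:
    """Reverse the encoding: anyone who sees the header can do the same."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic" or not token:
        raise ValueError("not a Basic authorization value")
    decoded = base64.b64decode(token, validate=True).decode("utf-8")
    user_id, colon, password = decoded.partition(":")
    domain, bslash, username = user_id.partition("\\")
    if not colon or not bslash:
        raise ValueError("expected DOMAIN\\username:password")
    return domain, username, password

def redact_headers(headers: dict[str, str]) -> dict[str, str]:
    """Copy of the headers that is safe to log: scheme kept, credential dropped."""
    safe = dict(headers)
    for name in safe:
        if name.lower() == "authorization":
            safe[name] = safe[name].split(" ", 1)[0] + " <redacted>"
    return safe

if __name__ == "__main__":
    # Sample credentials taken from the page's own example.
    header = build_basic_header("MYLIB", "Aladdin", "opensesame")
    print(header)
    print(decode_basic_header(header))
    print(redact_headers({"Authorization": header}))
```

Because the header decodes back to the plaintext password, send it only over TLS and log the redacted copy rather than the raw header.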

The return object from the staff authentication method contains an access token and access secret. This pair of strings will be used for all other Polaris Application Service calls.

Request Information

HTTP Header Values
Name           Required  Description
Authorization  Yes       Contains the Basic scheme, Base64 encoded username:password

Request body
None

Response Information

Example
application/json, text/json
{
    "SiteDomain": "polaris",
    "UserDomain": "iii.com",
    "AccessToken":"NXmeihFv2kq6meg3EdYoenv2VagJrPHs",
    "AccessSecret":"odXCBZuhXBkbwSo4",
    "AuthExpDate":"2013-03-26T10:41:11.103",
    "PolarisUser":{
        "PolarisUserID":923,
        "OrganizationID":3,
        "Name":"Young",
        "BranchID":null,
        "Enabled":true,
        "CreatorID":895,
        "ModifierID":null,
        "CreationDate":"2011-02-16T20:28:16.177",
        "ModificationDate":null
    },
    "ERMSNetworkAddress": "young-lt2.polarislibrary.com",
    "DataSource": "RD-POLARIS"
}

HTTP Response Codes

Code  Description
200   OK. Success
401   Unauthorized

Get Staff User Authentication Result via Bearer Token

POST /api/.../authentication/staffuser/oauth

This endpoint can be used to return Polaris user authentication data attached to the Upn claim stored within the access token. This is meant to be called using the 'Bearer' authorization header scheme. The bearer token is an access token generated from an OAuth provider.

The Authorization header is constructed as follows:

  • Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImhBbm82bTRLczZVVVJWQjY4Zi1MZno0S2Z...

It is important to note that the Upn claim within the access token must be in the format of username@domain.

  • aladdin@mylib.org

The return object from the staff authentication method contains an access token and access secret. This pair of strings will be used for all other Polaris Application Service calls.

Request Information

HTTP Header Values
Name           Required  Description
Authorization  Yes       Bearer scheme

Request body
None

Response Information

Example
application/json, text/json
{
    "SiteDomain": "polaris",
    "UserDomain": "iii.com",
    "AccessToken":"NXmeihFv2kq6meg3EdYoenv2VagJrPHs",
    "AccessSecret":"odXCBZuhXBkbwSo4",
    "AuthExpDate":"2013-03-26T10:41:11.103",
    "PolarisUser":{
        "PolarisUserID":923,
        "OrganizationID":3,
        "Name":"Young",
        "BranchID":null,
        "Enabled":true,
        "CreatorID":895,
        "ModifierID":null,
        "CreationDate":"2011-02-16T20:28:16.177",
        "ModificationDate":null
    },
    "ERMSNetworkAddress": "young-lt2.polarislibrary.com",
    "DataSource": "RD-POLARIS"
}

HTTP Response Codes

Code  Description
200   OK. Success
401   Unauthorized