Access Token
Access token is required for subsequent requests to our resource server(s) to get protected resources.
Step 1: Get Client ID and Client Secret
Please refer to Setup on how to get CLIENT_ID and CLIENT_SECRET
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
CLIENT_ID |
String | Yes | Client ID or AppID as obtained from https://bo.kira.asia. | 10020 |
CLIENT_SECRET |
String | Yes | Client secret or AppSecret as obtained from https://bo.kira.asia. | F0NfID1ftdGdu27ybGMfT3vqqCMM9gwO |
Step 2: Encode the parameters from Step 1 in Base 64 format
Format:
CLIENT_ID
:
CLIENT_SECRET
Example:
Before Base64 encoding:
10020:F0NfID1ftdGdu27ybGMfT3vqqCMM9gwO
After Base64 encoding:
MTAwMjA6RjBOZklEMWZ0ZEdkdTI3eWJHTWZUM3ZxcUNNTTlnd08=
Step 3: Encrypt the End Result with SERVER PUBLIC KEY
Next, Asymmetric Encrypt the end result from previous
step with
SERVER_PUB_KEY
.
SERVER_PUB_KEY="-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkgv8hWMIReydv2wkA7z
0cy8SLCCDN+Rnz1G50QMPF+THkRdvks5F9FBMzpJWVHpnxmj7TDUEWAc1xJDcr3b
qkqId1cdgNeQ5KYDnER+UsVvQOkWPh3P+kDc9wvDIR6XKqeZnhtWvsYtI1cbivs/
bTqV18iIhEE0zHLkWL7aMO/n4KcMyu0gjqnC1RdhCGRPw1iUFvoX4EIrcnhZQUe3
KbA9Ko15EgwGLIC36KuB6iYWWnck9mRi2sWVXK3ve8rRANCWq7zQ2lxj5bSUb1I9
2eA4/GJQubNU0ShA8Y36/MEpep5q+YNHSEe0b9L4ObP5kI7RxLAXf2+oRkSpnXmJ
9QIDAQAB
-----END PUBLIC KEY-----"
And then you will get encrypted data like
0ef5e6fa91589dd1da1f2e23bb878e7a99dd67db392e61189af50f2da6dbca7698faa7421af9558b3b183c84912f931c0eb5dd52a17ba9339c9926142bfeeebb5579428f1220b30578873b1d91fb9d33963c7608bea53d9c8fd9fa1160d845ba33aabae183ea2ec97a15ecafe224133012e77783ef38e1ae5b3f1cd2709775d11d97bfd65ea029d00b821853ec8c319ddcebda9597aba08da7b8fe6bcca40da0b0c55fa75bd07f22702d5a78774e72a316379740bad92d896d979d5b5c2145c045d44d68e2ad901d961ac791b7ad70546c56fb8ec9f2c4af59fd7f4ee44be65f54dc57c063d8990ad1ea098adcfb5e043482875681ff8efd5fa5ea0e09b5921b
Step 4: POST to
/gateway/v1/createToken
endpoint
Method : POST
Staging Endpoint : https://api-stag.kira.asia/gateway/v1/createToken
Request
Headers
| Parameter | Type | Value |
|---|---|---|
content-type |
String | application/json |
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
data |
String | Encrypted Data with SERVER PUBLIC KEY | 0ef5e6fa91589dd1da1f2e23bb......a5ea0e09b5921b |
Response
Body
| Parameter | Type | Description | Example |
|---|---|---|---|
code |
String | The status code of this API | 200 |
encryptedToken |
String | Encrypted Token that required be decrypted with CLIENT_SYMMETRIC_KEY |
a83cf72884cbbb....3ddf0744646e0cf0b482 |
message |
String | PlainText of the information of this request | 'Success' |
Example Response
{
"code": 200,
"encryptedToken": "a83cf72884cbbb341bdc6bcf46092752d48dba47658687432a1a103937a98976bcd85a89353ac704669311780f9f8caf75eea561af067b981401f05d5f5a97c058d7f793a7c3865fbeb3fdee31ecd2a6510b79f5a0e012a757862ee510fb6f2979ffd4e70eb0446ea27780cfdd1803e665f5604f995f07671319ee292799183f4d891a617a410c78e10b3e945d71e955046be62ad4d33ddf0744646e0cf0b482",
"message": "Success",
}
Step 5: Decrypt the
encryptedToken
with CLIENT_SYMMETRIC_KEY
Symmetric decrypt the encryptedToken,
a83cf72884cbbb341bdc6bcf46092752d48dba47658687432a1a103937a98976bcd85a89353ac704669311780f9f8caf75eea561af067b981401f05d5f5a97c058d7f793a7c3865fbeb3fdee31ecd2a6510b79f5a0e012a757862ee510fb6f2979ffd4e70eb0446ea27780cfdd1803e665f5604f995f07671319ee292799183f4d891a617a410c78e10b3e945d71e955046be62ad4d33ddf0744646e0cf0b482
with CLIENT_SYMMETRIC_KEY,
PCd1dlEmFnBXaVce06Pzp7Vike0oHnVJ
,
and you will get result of
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjEwMDIwIiwiaWF0IjoxNjY3MDU2ODkyLCJleHAiOjE2NjczMTYwOTJ9.UnVBt6Opxd_ZOMns1gCT40Ihdj1nbndi2V43Xt3fIuE
Step 6: Put the Token value into Header's Authorization for subsequent request
{
headers: {
Authorization: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjEwMDIwIiwiaWF0IjoxNjY3MDU2ODkyLCJleHAiOjE2NjczMTYwOTJ9.UnVBt6Opxd_ZOMns1gCT40Ihdj1nbndi2V43Xt3fIuE",
... //The Rest of the headers
}
}