iFormBuilder API Code Samples
What's covered:
What is a JWT?
A JWT, or JSON Web Token, is a JSON-based open standard (RFC 7519) for creating access tokens that assert some number of claims.
What is a simple way to create a JWT?
If you are having trouble creating a JWT, the example below can help you get started quickly.
STEP 1. Click on this link http://jwt.io/
STEP 2. Copy the JSON in bold below into the blue "Decoded" section.
- Replace "iss" with your client key from the API Apps section.
- Replace (company name) in the "aud" parameter with your private server URL.
- Replace "exp" with current unix time +5 minutes
- Replace "iat" with current unix time
{
"iss": "XXXXXXXXXXXXXXXXXXXXXXXX",
"aud": "https://company.iformbuilder.com/exzact/api/oauth/token",
"exp": 1384370238,
"iat": 1384370228
}
STEP 3. Copy the Secret from the API Apps into the Secret section in the interface below.
STEP 4. Copy the Encoded value from the screenshot below and use this for your assertion parameter.
STEP 5. Using a REST client like POSTman, you need to send a request like the one below. Replace the "XXXXX" in the URL with your private DB name. The following two parameters are also required.
- grant_type
- assertion
Grant type will always be equal to "urn:ietf:params:oauth:grant-type:jwt-bearer", and your assertion is the value you copied from step 4.
PLEASE NOTE: Double check to ensure there are no spaces at the end or the beginning of your assertion.
Set your for request type to POST, and make sure the parameters are "www-form-urlencoded" and hit send. If everything has been setup correctly you will get an access token returned in the response.
PLEASE NOTE: The most common mistake is switching the IAT and EXP values or waiting too long and the time window expires.
Comments
9 comments
What changes for 6.0? I can't get a token using: https://servername.iformbuilder.com/exzact/api/v60/token
Works fine for the old url.
Hi David, the version only pertains to the application calls. The authentication requests are not versioned and you should continue using everything you have in place already for getting an access token.
Good day,
"Grant type will always be equal to "urn:ietf:params:oauth:grant-type:jwt-bearer""
Is this still true?
I get "error": "invalid_grant" when making requests.
The program used to run 100%, its been off for a few months, but now its not working, cant get an access token.
Hi Heinrich, yes that statement is still true. Can you confirm that your IAT and EXP are within the required tolerances (no greater than 10 minutes).
Hi again.
Thanks for the response.
I tried over and over again, but still no luck.
I am in South Africa (UCT+2), do you think this could have any affect? Maybe the timezones dont match.
I tried DateTime.Now - 2 hours, but still no luck.
Hi Tony,
Thanks for your response.
I tried many different approaches, no success.
I am in South Africa (UCT+2).
Do you think this affects anything
Lol, Sorry for the double message, had the first message type in another browser and thought I just closed it or something :P
Bombarding with messages, apologies.
Found the problem, not quite sure where it is though...
Our Time currently is 10:40, UCT is 8:40... However when I pull the UCT from Visual Basic i get 8:26... Not sure why....
Anyway I added 20 minutes to the overall time, and get the access token..., Reallly cant explain what happened...
Hi Heinrich, no worries on the questions.. more than happy to help. I am sure someone else will bump into this down the road as well.
The change you made does make sense as the IAT and EXP are compared with current UTC time when sent to the server. When there is a mismatch as large as the window you found, it would not validate and come back with the invalid grant response.
Glad to hear your integration is up and running again!
Please sign in to leave a comment.