Authentication
Fortress utilizes Auth0 for secure access and authentication into our APIs.
The following is the call needed to obtain your bearer token:
POST {auth0_url}/oauth/token
{
"grant_type": "password",
"client_id": "{{client-id}}",
"audience": "{{audience}}",
"username": "{{org-email}}", // Email used to initially set up your organization
"password": "{{org-password}}",
"scope": "offline_access"
}
Speak to your Solutions Engineer about acquiring your organization's specific credentials for the above call.
Read Only API Users
Read Only API Users can now be created and linked to an existing Organization.
Steps:
- Obtain a Bearer token for your current organization, and make the readonly API call:
POST /api/organization/v1/current-organization/readonly (Current Organization Auth Needed)
//Sample Request Schema
{
"email": "string" // needs to be a unique email
}
// Response
{
"id": "{{returned UUID}}",
"name": "{{Name of your Org}}",
"phone": "{{Phone number tied to your Org}}",
"email": "{{Email associated with your current Org}}",
"readonlyEmail": "{{Email from the request body}}", // Read only user's "username"
"readonlyPassword": "{{Password generated for your read only user}}" // Read only user's "password"
}
- Pass along the readonlyEmail and readonlyPassword to your read only API user, as well as the other values you use for obtaining your master API's bearer token (client_id, audience, grant_type).
- As the read only API user, obtain your bearer token from the auth endpoint, just as your master API user would:
POST {auth0_url}/oauth/token
{
"grant_type": "password",
"username": "{{readonlyEmail}}",
"password": "{{readonlyPassword}}",
"audience": "{{audience}}",
"client_id": "{{client_id}}"
}
- With your read only API bearer token, you can now make GET calls to pull information from the Master APIs Organization.
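The calls in the steps above, sketched in Python as an added example (not Fortress's own client code). The api_base parameter, the example.invalid host and the helper names are assumptions; redact() is an addition that keeps the generated readonlyPassword and any tokens out of logs when a request or response is recorded.

```python
import json
import urllib.request

# Fields that must never reach logs or tickets (token names are standard OAuth 2.0).
SECRET_FIELDS = {"password", "readonlyPassword", "access_token", "refresh_token"}

def _post_json(url, body, bearer=None):
    """Build (not send) a JSON POST request; pass it to send() to execute."""
    headers = {"Content-Type": "application/json"}
    if bearer:
        headers["Authorization"] = f"Bearer {bearer}"
    return urllib.request.Request(url, data=json.dumps(body).encode(),
                                  headers=headers, method="POST")

def token_request(auth0_url, client_id, audience, username, password, scope=None):
    """Token call from the page; same shape for the organization or read only user."""
    body = {"grant_type": "password", "client_id": client_id, "audience": audience,
            "username": username, "password": password}
    if scope:
        body["scope"] = scope
    return _post_json(auth0_url.rstrip("/") + "/oauth/token", body)

def readonly_request(api_base, org_bearer, email):
    """Create the read only user; needs the current organization's bearer token."""
    url = api_base.rstrip("/") + "/api/organization/v1/current-organization/readonly"
    return _post_json(url, {"email": email}, bearer=org_bearer)

def send(req, timeout=10):
    """Execute a built request and decode the JSON response (network call)."""
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def redact(payload):
    """Return a copy of a request or response dict that is safe to log."""
    return {k: "<redacted>" if k in SECRET_FIELDS else v for k, v in payload.items()}

if __name__ == "__main__":
    # Constructed sample response in the shape the page documents; no network used.
    sample = {"id": "00000000-0000-0000-0000-000000000000", "name": "Example Org",
              "phone": "555-0100", "email": "org@example.com",
              "readonlyEmail": "ro@example.com", "readonlyPassword": "constructed-secret"}
    print(redact(sample))
    req = token_request("https://auth.example.invalid", "client-id", "audience",
                        sample["readonlyEmail"], sample["readonlyPassword"])
    print(req.get_method(), req.full_url, redact(json.loads(req.data)))
```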