Auth
API for creation or storage of auth tokens. Most of these tokens are created from the Integrations/Imports setup for Lytics integrations.
Additionally, api tokens can be created/managed from this endpoint.
The oauth, config information are write only attributes that cannot be subsequently read from the api, and is stored encrypted.
Auth
A single Auth object. The Auth resource is the central resource in the Lytics API.
The Auth resource has the following attributes:
| field | DataType | Description |
|---|---|---|
| id | string | unique id, Lytics assigned |
| account_id | string | Unique account id, lytics assigned |
| created | Date | Created date |
| updated | Date | Last Updated Date |
| provider_id | string | the id of the provider resource that this auth is used for |
| user_id | string | the id of the user resource that originally provided this auth (optional) |
| user_name | string | Name of the user that provided auth |
| config | object | Json object of name/value pairs that provides auth info Writeonly attribute |
| oauthtoken | object | oauth1 Writeonly attribute |
| oauth2token | object | oauth2 Writeonly attribute |
| Parameters | ||
|---|---|---|
| id | string (required) | ID of the Gist in the form of a hash. |
| access_token | string (optional) | Lytics API access token. |
Retrieve a Single Auth
This API is fairly special, as only the public portions of the auth model are returned, not all fields config, oauth2token, and oathtoken fields are never exposed.
Response 200
Headers
Content-Type: application/json
Body
{
"status":"success",
"data":{
"account_id": "fakecafb441e477cad3ffbe62c4d5966",
"id": "1b53b88a06b418b07d601b6f57b8eb40",
"provider_id": "26cae7718c32180a7a0f8e19d6d40a59",
"provider_name": "Facebook",
"user_id": "4222fd7c8db7ebcb042e0547e3b4e128"
}
}
Create Auth
Create an auth, would normally never be used via the api, the web admin Integrations section manages these.
Request
Headers
Content-Type: application/json
Authorization: {API Token}
Body
{
"provider_id": "our_provider",
"config":[
{"name":"apikey","value":"value_that_will_get_encrypted"}
]
}
Response 201
Headers
Content-Type: application/json
Body
{
"status":"success",
"data":{
"account_id": "fakecafb441e477cad3ffbe62c4d5966",
"id": "1b53b88a06b418b07d601b6f57b8eb40",
"provider_id": "26cae7718c32180a7a0f8e19d6d40a59",
"provider_name": "Facebook",
"user_id": "4222fd7c8db7ebcb042e0547e3b4e128"
}
}
Update Auth
Request
Headers
Content-Type: application/json
Authorization: {API Token}
Body
{
"provider_id": "our_provider",
"config":[
{"name":"apikey","value":"value_that_will_get_encrypted"}
]
"oauth2token": {.....},
"oauthtoken": {....}
}
Response 200
Headers
Content-Type: application/json
Body
{
"status":"success",
"data":{
"account_id": "fakecafb441e477cad3ffbe62c4d5966",
"id": "1b53b88a06b418b07d601b6f57b8eb40",
"provider_id": "26cae7718c32180a7a0f8e19d6d40a59",
"provider_name": "Facebook",
"user_id": "4222fd7c8db7ebcb042e0547e3b4e128"
}
}
Remove an Auth
Deleting an auth is a very special operation. If any work is running (imports, exports), it will remove the auth from those works and stop them.
Request
Headers
Authorization: {API Token}
Response 204
Auth ApiToken
Create Lytics api tokens.
Please note that the response below has the value of the api key created.
This api key will NOT be available via the api outside of this single response so you must save it safely.
Subsequent usage of this auth may be managed through normal Auth api above.
Parameters:
expires 100h (hours) this token will only be valid until this many hours have passed
description user-provided name for this token
scopes comma delimited list of scopes (admin,data)
Roles(scopes)
admin can manage the account (create users, grant roles) as well as all other roles below.
data Grants read/write access to the data management API (Data Uploads, Entity Reads, Content Recomendation). Also Read access to Segments.
data_write Grants write access to the data upload API.
content_manager Grants read/write access to content classification and topics.
segment_manager Grants read/write access to segments
marketer Grants read/write access to segments and campaigns, but cannot publish campaigns, or export segments
observer Grants read access to segments and campaigns
data_manager Grants read/write access to schemas, queries, users, content and integrations. Includes PII user fields access
campaign_manager Grants read/write access to campaigns, segments, including exporting segments and publishing campaigns
general_manager Grants read/write access to all product features. Not able to manage users, and account. Includes PII user fields access
PII User Fields Access There is an account setting that can be set that lists fields that are considered PII, if these are set then these fields will not be available on the Entity API unless you have the escalated privilege of PII (Data Manager, or General Manager, Admin).
# Create a long lived (ie, no expires time) token
curl -s -XPOST "https://api.lytics.io/api/auth/createtoken" \
-H "Authorization: $LIOKEY" \
-H "Content-Type: application/json" -d '
{
"scopes": ["data_manager"],
"name": "my-app",
"description": "Token used for myapp to upload data to lytics, read schema"
}
' | jq '.'
# create a token that expires in 100 hours, so a vendor
# can upload data
curl -s -XPOST "https://api.lytics.io/api/auth/createtoken" \
-H "Authorization: $LIOKEY" \
-H "Content-Type: application/json" -d '
{
"expires": "100h",
"scopes": ["data_write"],
"name": "my-app-name"
}
' | jq '.'Auth Create Token
Create Lytics api tokens.
Request
Headers
Content-Type: application/json
Authorization: {API Token}
Body
{
"expires":"100h",
"scopes": ["admin","data"],
"name": "my-token-for-serivce-x"
}
Response 201
Headers
Content-Type: application/json
Body
{
"status":"success",
"data":{
"account_id": "fakecafb441e477cad3ffbe62c4d5966",
"id": "1b53b88a06b418b07d601b6f57b8eb40",
"provider_id": "26cae7718c32180a7a0f8e19d6d40a59",
"name": "my-token-for-service-x",
"provider_name": "Lytics",
"config":[
{ "api_key": "api_value" }
]
}
}