Calls to the API are secured using JSON Web Tokens, which utilize the GUID and Secret Key configured in the API Subscription Manager screen. JWTs are constructed programmatically by external systems integrated with the API and can also be tested using a specific endpoint available in Swagger.
AssignmentPro's Swagger documentation portal lets technical end users explore the API framework and see which endpoints they have access to based on their Subscription and therefore permission sets. This provides both technical documentation and usage without needing another program to interact with the API.
An API Subscriber must be created and have a GUID and Secret Key generated for them. As part of the API Subscriber creation, login credentials will be emailed to the user and once the user has changed their password, they will be able to access Swagger.
After logging in, users will see the Swagger documentation that API Subscriber is authorized to access. In this example, the API Subscriber has an AIRINC API subscription.
When logged into Swagger, users are able to:
view the different endpoints they have access to based on their API Subscriptions
use the built in functionality to look at example requests and responses. The examples will also include the expected data type for each key/value
make calls to the API from this page using the "Try it out" button
Below are examples taken from Swagger where the API Subscriber has a subscription to the People API:
