📘
TEOS User Guides
Contact CoreLedgerPrivacy Policy
TEOS API
TEOS API
  • 👋Welcome to TEOS API
  • Get started
  • TEOS API overview
    • Terms and concepts
      • Asset
      • Spark
      • Wallet
      • Supply
      • Warp
      • Invoice
      • Transaction
    • Architecture note
      • Tenant setup options
    • Authentication
    • Versioning
  • Using TEOS API
    • Postman examples
    • Rate limits
    • Dealing with blockchain transactions
      • How to get Ether for signing transactions
      • Transaction creation and submission
        • First transaction creation and submission for a new address on the private blockchain
    • Handling errors
      • 1xxxx codes
      • 2xxxx codes
      • 3xxxx codes
    • TEOS Events
    • Warp search
  • TEOS API references
    • TEOS API Swagger (OpenAPI)
  • Using additional APIs of TEOS Platform
    • User authentication flow with TEOS Authentication service and TMS
    • Device authorization flow with TxServer and TEOS Authentication service
    • Adding wallet to the TEOS Platform flow with TxServer and TEOS API
    • Using TxServer API
      • TxServer API (OpenAPI)
      • Key Pair Generation. Transaction Signing
      • Device Restoration
    • Using TEOS Authentication service
      • TEOS Authentication Service API
    • Using TMS API
      • TMS API Swagger (OpenAPI)
      • Handling errors
      • Changelog
    • Using Discovery Service
  • FAQ
  • Changelog
    • v0.9
    • Non-versioned changes
    • Previous versions (not supported)
  • Troubleshooting
Powered by GitBook
On this page
  • API key generation
  • User token generation
  • Token scopes and claims
  • Sending access token as a Bearer token

Was this helpful?

Edit on GitHub
  1. TEOS API overview

Authentication

Types of access tokens, how to get them and how to use

PreviousTenant setup optionsNextVersioning

Last updated 1 year ago

Was this helpful?

TEOS API uses two types of access tokens:

  • API key for most of the cases

  • User token only in case TEOS API consumer uses TEOS Authentication service

Both are Bearer-type tokens and have the following characteristics:

  • Scoped to a single user, in the case of the API key the user acts on behalf of the TEOS platform consumer.

  • Can be used for most of the functionality of the TEOS API. Some specific methods can work either with API key only or with user token only, swagger documentation clearly provides this info.

Check Tenant setup options for more info about why you may need specific authentication type.

API key generation

The API key is a long-lived access token, provided by CoreLedger technical team. This token is valid for a year and can be acquired by tenant administrators only after the legal contract is signed.

These tokens can be invalidated, if necessary, under certain conditions. If you need a token invalidated, please contact your CoreLedger manager or send a service request to .

Most of the TEOS API functionality can be used with the API key. If some endpoint needs a user token for authorization, swagger documentation will clearly state it (as in the example below).

User token generation

During signing up or signing in to a new tenant, or after T&C are updated the user can receive a form, requiring to accept the current versions of terms and conditions and data protection policy. Without accepting them, the user won't be able to sign-up or login.

Token scopes and claims

TEOS API requires prod.teosapi scope to be included in the token. The claim tid with the TenantId (GUID) should also be included within the Token. Both the necessary scope and claim are added during token creation.

Sending access token as a Bearer token

When making an API call, supply the API key or user access token as a Bearer token in the authorization header:

Authorization: Bearer 9D19D3CA6361713D49CFC4C8668C4D9A9ED3B3621E763B0607F77D24CF13E5BA

In curl:

curl -X 'GET' \
  'https://teosapi.coreledger.net/odata/v0.7/AssetClasses(code=,,languageCode=,)' \
  -H 'accept: application/json'
  -H 'Authorization: Bearer 9D19D3CA6361713D49CFC4C8668C4D9A9ED3B3621E763B0607F77D24CF13E5BA'

The user token is short-lived and is valid for 48 hours (subject to changes, a new validity period can be set on request). It is issued when a user signs into an application integrated with the TEOS Authentication service. To integrate an app with the TEOS Authentication service, please contact your CoreLedger manager or send a service request to .

support@coreledger.net
support@coreledger.net
Example of the functionality not supported with api key