Door deze website te bezoeken maak je automatisch gebruik van cookies.

Als de browser instellingen niet veranderd, dan maak je gebruik van de cookies. Lees meer

Sluiten

2BA Cookie informatie

Deze tekst is van toepassing op de 2BA sites "Homepage", "Unifeed" en "Bestand & Beheer".

Wat is een Cookie

Wij maken op deze website gebruik van cookies. Een cookie is een eenvoudig klein bestandje dat met pagina’s van deze website wordt meegestuurd en door uw browser op uw harde schrijf van uw computer wordt opgeslagen.

Soort cookies

Wij gebruiken cookies om het gebruik van onze site faciliteren, het inloggen te onthouden en t.b.v. snelheidsverbeteringen. Daarnaast gebruiken wij (anonieme) gegevens voor het opbouwen van site statistieken zoals het aantal keer dat de sites bezocht worden, met welke browser etc. De 2BA site kan niet zonder cookies werken. 

2BA maakt geen gebruik van tracking cookies t.b.v. advertenties.

 

 

Documentatie

All credentials (client_id/client_secret en user_id/password) are transmitted across a secure connection (https) to the 2BA Authorization Server. In response, the application receives an Access Token and a Refresh Token. The Access Token has a limited validity and will have to be refreshed if the validity has expired. The Refresh Token, in principle, has unlimited validity and is only used across the secure connection to the 2BA Authorisation Server. With the Access Token, the 2BA services can be invoked. Based on the Access Token, 2BA can determine what application and which user accesses the service and determine the appropriate rights. When the Access Token expires, the application can use the Refresh Token to request a new Access Token from the Authorization Server. View a code example.

AuthorizeFlow 

To acquire or refresh an Access Token, the application can use the OAuth/Token service as described in the API documentation. To use this service, the following data is required:

 

FieldDescription
client_id / client_secret This information is required to identify the client application. A software partner can obtain this information by contacting 2BA.
username / password This informatie is required to identify the end user, on behalf of which the application makes the request. Further autorisation is done based on the user's rights. A user can obtain a username and password by contacting 2BA.
   

 

Example Authenticatie (request Access Token and Refresh Token)

 

using System.Runtime.Serialization.Json; 
using System.Text; 
using System.Xml; 
using System.Xml.Linq; 
using System.Xml.XPath;

private void BtnLoginClick(object sender, System.EventArgs e)
{
	try
	{
		var httpWReq = (HttpWebRequest)WebRequest.Create(GlobalVariables.AuthorizeServer + "/OAuth/Token");
		var encoding = new ASCIIEncoding();
		string postData = "grant_type=password";
		postData += "&username=" + txtUsername.Text;
		postData += "&password=" + txtPassword.Text;
		postData += "&client_id=" + txtClientId.Text;
		postData += "&client_secret=" + txtClientSecret.Text;
		byte[] data = encoding.GetBytes(postData);
		httpWReq.Method = "POST";
		httpWReq.ContentType = "application/x-www-form-urlencoded";
		httpWReq.ContentLength = data.Length;
		HttpWebResponse response;
		using (Stream newStream = httpWReq.GetRequestStream())
		{
			newStream.Write(data, 0, data.Length);
			response = (HttpWebResponse)httpWReq.GetResponse();
		}
		var mystream = response.GetResponseStream();
		// You can also use third-party libraries for parsing Json
		XmlReader reader = JsonReaderWriterFactory.CreateJsonReader(mystream, new XmlDictionaryReaderQuotas());
		XElement root = XElement.Load(reader);
		// The fields we'd like to extract
		XElement access_token = root.XPathSelectElement("//access_token");
		XElement refresh_token = root.XPathSelectElement("//refresh_token");
		XElement expires_in = root.XPathSelectElement("//expires_in");
		XElement token_type = root.XPathSelectElement("//token_type");
		AccessToken = (access_token == null) ? null : access_token.Value;
		RefreshToken = (refresh_token == null) ? null : refresh_token.Value;
		ExpiresIn = (expires_in == null) ? null : expires_in.Value;
		TokenType = (token_type == null) ? null : token_type.Value;
		this.Close();
	}
	catch (Exception ex)
	{
		MessageBox.Show(@"Login failed: " + ex.Message);
	}
}