DiscoverText API - Login and Authentication

The DiscoverText API uses JWT (JSON Web Tokens) for authorization and access to all API calls.

Note: at this time, we do not support 3rd party logins (Facebook, LinkedIn) for the DiscoverText API. Only individual user accounts for valid DiscoverText Enterprise organizations are able to access the API via their DiscoverText username and password.

Input Parameters (JSON POST body):
    apiKey: "{api key}",
    hostname: "{hostname}",
    username: "{user name}",
    password: "{user password}",
    nonce: <numeric value>,
    signature: "{HMAC SHA 256 signature}"
Return Value:
A JSON Web Token (JWT) value

Calculating the Signature

The message string for generating the request should be in the following format: {api key}:{hostname}:{username}:{password}:{nonce}

For example, if the following values are used:

api key: f9eb4d5e-2e0c-4615-b631-774d1bee73e4
api secret: 41c1aab6-f3f7-4782-a54c-079573699159
username: testuser
password: testpassword
nonce: 1234567890
Then your message string should look like:
Using the secret key above to generate the computed HMAC, the signature should be:

Some example code (in C#) for calculating the signature would look like:

var message = String.Format("{0}:{1}:{2}:{3}:{4}", apiKey, hostname, username, password, nonce);
var messageBytes = Encoding.UTF8.GetBytes(message);
var keyBytes = Encoding.UTF8.GetBytes(secretKey);
using (var hasher = new HMACSHA256(keyBytes)) 
    var hashedBytes = hasher.ComputeHash(messageBytes);
    var signature = Convert.ToBase64String(hashedBytes);

The JWT will contain an expiration timestamp (from UTC) with a default of 10 minutes from the time it is issued. It is up to you to ensure that your session does not expire for your token, and to refresh the token as needed.

To refresh your token make a call to the token renewal endpoint:

Input Parameters:
Return Value:
A new JSON Web Token (JWT) value