The DiscoverText API uses JWT (JSON Web Tokens) for authorization and access to all API calls.
Note: at this time, we do not support 3rd party logins (Facebook, LinkedIn) for the DiscoverText API. Only individual user accounts for valid DiscoverText Enterprise organizations are able to access the API via their DiscoverText username and password.
{ apiKey: "{api key}", hostname: "{hostname}", username: "{user name}", password: "{user password}", nonce: <numeric value>, signature: "{HMAC SHA 256 signature}" }Return Value:
A JSON Web Token (JWT) value
- The hostname will be provided to you when you receive your API key and API secret keys.
- The user credentials for logging in should be a valid, authorized user that exists in your DiscoverText Enterprise account.
- The nonce field should be a random number, numeric timestamp, or other known numeric value. We suggest changing this value for each login request to prevent any possible replay attack for generating JWT tokens.
- The signature for your request should be calculated HMAC SHA 256 hash, in Base-64 format, that is signed using your API secret key. See below for details.
Calculating the Signature
The message string for generating the request should be in the following format: {api key}:{hostname}:{username}:{password}:{nonce}
For example, if the following values are used:
api key: f9eb4d5e-2e0c-4615-b631-774d1bee73e4 api secret: 41c1aab6-f3f7-4782-a54c-079573699159 hostname: api.discovertext.com username: testuser password: testpassword nonce: 1234567890Then your message string should look like:
f9eb4d5e-2e0c-4615-b631-774d1bee73e4:api.discovertext.com:testuser:testpassword:1234567890Using the secret key above to generate the computed HMAC, the signature should be:
JkJ8PMRSItkBi9DFc2jAiCQ70vznI/oZUZz0JTyrjIM=
Some example code (in C#) for calculating the signature would look like:
var message = String.Format("{0}:{1}:{2}:{3}:{4}", apiKey, hostname, username, password, nonce); var messageBytes = Encoding.UTF8.GetBytes(message); var keyBytes = Encoding.UTF8.GetBytes(secretKey); using (var hasher = new HMACSHA256(keyBytes)) { var hashedBytes = hasher.ComputeHash(messageBytes); var signature = Convert.ToBase64String(hashedBytes); }
The JWT will contain an expiration timestamp (from UTC) with a default of 10 minutes from the time it is issued. It is up to you to ensure that your session does not expire for your token, and to refresh the token as needed.
To refresh your token make a call to the token renewal endpoint:
(none)Return Value:
A new JSON Web Token (JWT) value