Smart Services Authentication
Smart Services use a secure authentication system based on OAuth 2.0 and API Keys.
Authentication Methods
1. API Key (Recommended for services)
For server-to-server applications:
curl --location --request POST 'https://tse.smart-api.teamsystem.cloud/api/v1/auth/token' \
--header 'accept-language: it-IT' \
--header 'Content-Type: multipart/form-data' \
--header 'Accept: application/json' \
--form 'username="admin_webapicorso"' \
--form 'scope="webapicorso_alywebapicorso"' \
--form 'token="Bearer eyJhbGciOiJIUzI1NiIsI....."'
### 2. OAuth 2.0 (For client applications)
For web and mobile applications:
```javascript
const myHeaders = new Headers();
myHeaders.append("accept-language", "it-IT");
myHeaders.append("Content-Type", "multipart/form-data");
myHeaders.append("Accept", "application/json");
const formdata = new FormData();
formdata.append("username", "admin_webapicorso");
formdata.append("scope", "webapicorso_alywebapicorso");
formdata.append("token", "Bearer eyJhbGciOiJ...");
const requestOptions = {
method: "POST",
headers: myHeaders,
body: formdata,
redirect: "follow"
};
fetch("https://tse.smart-api.teamsystem.cloud/api/v1/auth/token", requestOptions)
.then((response) => response.text())
.then((result) => console.log(result))
.catch((error) => console.error(error));
Token Management
Token Validity
- API Key: Permanent until revoked
- Access Token: 1 hour
- Refresh Token: 30 days
Refresh Tokens
const refreshToken = async (refreshToken) => {
const response = await fetch('https://tse.smart-api.teamsystem.cloud/oauth/token', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
grant_type: 'refresh_token',
refresh_token: refreshToken
})
});
return await response.json();
};
Security
Important
- Never expose credentials in client code
- Use HTTPS for all communications
- Implement periodic key rotation
- Monitor API usage to detect anomalies
Implementation Examples
.NET
public class SmartServicesClient
{
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://tse.smart-api.teamsystem.cloud/api/v1/auth/token");
request.Headers.Add("accept-language", "it-IT");
request.Headers.Add("Accept", "application/json");
var content = new MultipartFormDataContent();
content.Add(new StringContent("admin_webapicorso"), "username");
content.Add(new StringContent("webapicorso_alywebapicorso"), "scope");
content.Add(new StringContent("Bearer eyJhbGciOiJI...I"), "token");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());
}
JavaScript/Node.js
class SmartServicesClient {
const axios = require('axios');
const FormData = require('form-data');
let data = new FormData();
data.append('username', 'admin_webapicorso');
data.append('scope', 'webapicorso_alywebapicorso');
data.append('token', 'Bearer eyJhbGciOiJIUzI....');
let config = {
method: 'post',
maxBodyLength: Infinity,
url: 'https://tse.smart-api.teamsystem.cloud/api/v1/auth/token',
headers: {
'accept-language': 'it-IT',
'Content-Type': 'multipart/form-data',
'Accept': 'application/json',
...data.getHeaders()
},
data : data
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
}