Web API Security

There are two ways to access the web API. The security is based on how and from where you access the API URL.

See Accessing the REST API for more details and code examples.

  • Website pass-through security is used when you access the web API through JavaScript code that you are running from a web application. The iMIS website credentials are shared with the API, so the URL you use to access the web API is the content website with /api appended, for example:
  • The OAuth 2.0 token security is used for external or cross-site access to the ASI Scheduler web API. After an authorization request to access the server is posted, the token received is added to the headers of all other requests. For details on using the OAuth 2.0 framework, go to http://www.oauth.net/.

Do the following to use OAuth 2.0:
a) Obtain an access token.
b) Add the token to headers.
c) Make a request.