All Bloq services require authentication
To authorize the requests, a bearer JSON Web Token must be sent in the Authorization header.
curl -X GET \
-H 'Authorization: Bearer xxxxxx.xxxxxxxxxx.xxxxxx'
This reference section for the Authentication API outlines key concepts when authenticating to use Bloq services. Key concepts and details of
Client-Keysand the various types of
Tokensare described in this section.
Bloq uses different tokens across its services. Here are the types and usages of these tokens:
Account Access Tokenis a JSON Web Token created by the Accounts service that enables the user to interact with account related services such as: retrieve profile information, update password, create client IDs and secrets. This token can also be used to interact with Bloq Connect and Nodes services. The
Account Access Tokenexpires after 12 hours.
Client Refresh Tokenis a JSON Web Token created by the Accounts service that enables the user to create a new
Client Access Token. This is a long-lived token, and expires after 1 year. Store this token carefully.
Client keys are pairs (Client ID + Client Secret) composed of random hexadecimal numbers which enables your code / program to authenticate with our servers and grants access to various Bloq services.
Client keys are used by programs to create
Client Access Tokensand
Client Refresh Tokens
The type of token/authentication that should be used will depend on the Bloq service. This usage section outlines the type of tokens/authentication required per Bloq service.
To interact with accounts, the user needs an
Account Access Token. There are two ways of creating this token:
The Bloq CLI provides this functionality out of the box using the
bcl logincommand. The
Account Access Tokenmay additionally be retrieved with the
bcl conf accessTokencommand.
Using HTTP Basic Authentication by providing username (User ID or email) and password, this endpoint retrieves an authentication token to be passed to other Accounts API functions for authentication.
curl -u username:password -X POST https://accounts.bloq.cloud/auth
To interact with the Connect service, the user may use their
Account Access Tokenor a
Client Access Token. To create a
Client Access Token, a
Client Key Pair(Client ID + Client Secret) is required.
Similarly to Connect, the user may choose to use the
Account Access Tokenor a
Client Access Tokento ineract with the Nodes service. Alternatively, the user can use an automatically generated username/password combination. \