Authentication

To create a session, POST the API key credentials for the appropriate ORG. These can be obtained from admin under Api Keys. An email should be passed with the request but is not used as part of the authentication. A GET on the same URL checks the status of the session, and a DELETE destroys it.

Note that API key authentication is currently limited to the Admin GraphQL schema.

Session

Create

POST https://rest.weave.io/session
{
  "uid":"---api key---",
  "password":"---api secret---",
  "credential":"ApiKey",
  "email":"admin@someorg.com"
}

Check

GET https://rest.weave.io/session

Close

DELETE https://rest.weave.io/session

User Authentication

The following is the user flow for logging in. This can be done within an application or by using a testing tool such as Insomnia to confirm and test GraphQL queries.

Step 1 - request a PIN code

Request a PIN code from the server. The email used should be a registered account email.

POST: https://rest.weave.io/user/graphql
sendVia: one of Both | Sms | Email

mutation {
  sendPinCode(email: "xxxx@xxxx" , sendVia: Both)
}

Successful response.

{
  "data": {
    "sendPinCode": true
  }
}

Step 2 - use the PIN code to get the token id and secret

Generate a fresh UUID to identify the device. Persist it so that the same UUID is used every time. Confirm the PIN code sent via email and SMS to obtain a token ID and token secret.

POST: https://rest.weave.io/user/graphql
mutation {
  checkPinCode(email: "xxxx@xxxx", pin: "XXXXX", device: "<create a unique device UUID>", host: "CLI") {
    token
    tokenId
    result
  }
}

Response:

{
  "data": {
    "checkPinCode": {
      "token": "<your token secret>",
      "tokenId": "<your token uuid>",
      "result": true
    }
  }
}

Step 3 - login

Using the token id and secret from the prior step, complete the login. This will create a long-lived device session.

POST: https://rest.weave.io/session
uid = token id
password = token secret
{
  "uid":"<token id>",
  "password":"<token secret>",
  "credential":"Token",
  "email":"<account email>"
}
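
The three steps above as request builders, an added example that is not part of the original documentation. It assumes the GraphQL endpoint accepts the usual {"query": ...} JSON body; the function names and the device-id file path are hypothetical, and nothing is sent over the network.

```python
import json
import os
import tempfile
import uuid

REST = "https://rest.weave.io"  # host taken from the page

def device_uuid(path):
    """Return the persisted device UUID; create it once, with owner-only permissions."""
    try:
        with open(path) as f:
            return str(uuid.UUID(f.read().strip()))
    except (FileNotFoundError, ValueError):
        pass  # no file yet, or unusable contents: issue a new id
    value = str(uuid.uuid4())
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(value)
    return value

def gql_str(value):
    """Quote a value as a GraphQL string literal (JSON escaping is valid GraphQL escaping)."""
    return json.dumps(str(value), ensure_ascii=False)

def send_pin_request(email, send_via="Both"):
    """Step 1: (url, JSON body). sendVia is an enum, so it is allow-listed, not quoted."""
    if send_via not in ("Both", "Sms", "Email"):
        raise ValueError("sendVia must be Both, Sms or Email")
    query = "mutation { sendPinCode(email: %s, sendVia: %s) }" % (gql_str(email), send_via)
    return REST + "/user/graphql", {"query": query}

def check_pin_request(email, pin, device, host="CLI"):
    """Step 2: (url, JSON body) asking for token, tokenId and result."""
    args = "email: %s, pin: %s, device: %s, host: %s" % tuple(
        gql_str(v) for v in (email, pin, device, host))
    query = "mutation { checkPinCode(%s) { token tokenId result } }" % args
    return REST + "/user/graphql", {"query": query}

def login_body(check_response, email):
    """Step 3: build the POST /session body from a checkPinCode response."""
    r = (check_response.get("data") or {}).get("checkPinCode") or {}
    if r.get("result") is not True or not r.get("token") or not r.get("tokenId"):
        raise ValueError("PIN check did not succeed; no token to log in with")
    return {"uid": r["tokenId"], "password": r["token"], "credential": "Token", "email": email}

if __name__ == "__main__":
    # Constructed sample values only.
    dev = device_uuid(os.path.join(tempfile.gettempdir(), "weave-device-id"))
    print(json.dumps(check_pin_request("user@example.test", "12345", dev)[1], indent=2))
```

The token secret returned in Step 2 backs a long-lived session, so store it with the same care as the device UUID file or better.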