Rest API Execution Flow

The following diagram illustrates the execution flow, with a focus on authentication mechanism.

API Console

  1. The external application requests a token from the Support.com Cloud Authentication Service by sending the Client Id and Client Secret configured in the ConfigureAccess Point page to the URL https://mycompany.nexus.support.com/api/v1/oauth2/token. For example:

    curl -k https://mycompany.nexus.support.com/api/v1/oauth2/token -d “grant_type=client_credentials&client_id=ClientCRM&client_secret=Hm5NeAVqYlgWxsU5a1AiNpzGggJjEcpd”

  2. The Support.com Cloud Authentication Service receives the request, generates a token, and returns that token to the external application.

  3. The application generates an API request with the token to the Support.com Cloud API. The token must be sent in the request header, in the following format: Authorization:[space]Bearer[space][token]. A sample request using CURL might appear as follows:

    curl -k https://mycompany.nexus.support.com/api/v1/sessions/10000 -H “Authorization: Bearer FKhvHhGduAdPmEnDhqqYp35u8pZUchkH”

  4. The Support.com Cloud API forwards the token to the Support.com Cloud Authentication Service for validation.

  5. The Support.com Cloud Authentication Service validates the token.

  6. If authentication is verified (valid token), the Support.com Cloud API execute the operation requested by the external application.

  7. The external application receives the results of the API request.