User / Authentication API

Start here to begin using the HelpMaster API

Endpoint

POST - /user/gettoken

Overview

The User/GetToken endpoint is the entry-point into using the HelpMaster WebAPI. This step must be performed before any other WebAPI call is made. The User function authenticates the WebAPI session and allows further access to other API endpoints once a “bearer” token has been issued.

Simplified 3-step process to use the WebAPI

Web API Authentication Sequence

Once you have completed step 1, the following diagram displays the sequence flow for using the API.

Web API Authentication Sequence

Have you made an API key using the Desktop edition of HelpMaster yet?

Before the USER endpoint can be used to get a Web Token (that is used to call other end-points in the HelpMaster WebAPI), a valid WebAPI key must have already been created via the HelpMaster desktop edition via the API Integration screen.

GetToken

The GetToken function is the first call you need to make in order to use the Web API. It is used to get an access token, or bearer token that can then be used to gain access to all of the other API endpoints. This “bearer” token will be valid for 24 hours.

Using the Swagger interface

Create a Web API key if you haven’t already
Copy the key into the computer clipboard
Browse to your WebAPI Swagger interface
Navigate to the /User/GetToken/ section and click “Try it out” button. The text box will become active, and you will be able to type/paste information into it.
Paste the API key into the apiKey value section
Set the loggedInUserPKID to a valid client PKID in HelpMaster database

The GetToken screen should look similar to this:

Web API get token

{
  "apiKey": "0bef4ace-0826-4be7-81ad-7bd7e8bfbc5f",
  "loggedInUserPKID": 88
}

Click Execute. If the token is valid, you should see a value returned in the “Success 200” section like this.

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI4MTM5MDBiMy1iZjE2LTRmY2EtYTJkZi0wNjA1MjE1NDc4MmQiLCJ2YWxpZCI6IjEiLCJ1c2VyaWQiOiI4OCIsIm5hbWUiOiJIZWxwTWFzdGVyIFdlYkFQSSBLZXkgLSBEZXZlbG9wZsdgS2V5ICMxIiwiQVBJUEtJRCI6IjEiLCJBUElLZXkiOiI4NDM1ZDc3MC05MDVmLTQ5ZjAtOWExMy04ZTUxYWZiOGQwNTQiLCJleHAiOjE2MjI1NDg2NDcsImlzcyI6Imh0dHA6Ly9oZWxwbWFzdGVycHJvLmNvbSIsImF1ZCI6Imh0dHA6Ly9oZWxwbWFzdGVycHJvLmNvbSJ9.BgPc7A0-zuOqsoLORsVAIgN4ry5LGhc2O9c_jX-DIKc"
}

Copy the token results (excluding the word “token:” and excluding the quotes around the token) from the Response body results in the 200 code section:

Type “bearer” in front of the token like this…

bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI4MTM5MDBiMy1iZjE2LTRmY2EtYTJkZi0wNjA1MjE1NDc4MmQiLCJ2YWxpZCI6IjEiLCJ1c2VyaWQiOiI4OCIsIm5hbWUiOiJIZWxwTWFzdGVyIFdlYkFQSSBLZXkgLSBEZXZlbG9wZsdgS2V5ICMxIiwiQVBJUEtJRCI6IjEiLCJBUElLZXkiOiI4NDM1ZDc3MC05MDVmLTQ5ZjAtOWExMy04ZTUxYWZiOGQwNTQiLCJleHAiOjE2MjI1NDg2NDcsImlzcyI6Imh0dHA6Ly9oZWxwbWFzdGVycHJvLmNvbSIsImF1ZCI6Imh0dHA6Ly9oZWxwbWFzdGVycHJvLmNvbSJ9.BgPc7A0-zuOqsoLORsVAIgN4ry5LGhc2O9c_jX-DIKc

Scroll to the top of the Swagger page, and click the “Authorize” button and paste the value into the text box and click Authorize.

Swagger Authorize

If everything is successful, the JWT/API token will be generated and you will be able to start making calls against all web API endpoints.

Click the Close button (not the Logout!)

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.