API Authentication

 
The RB209 Web API uses token authentication to allow users to securely connect to it's various endpoints. Once you have registered with the API and had your request approved, you will need to request a token from the API.
 

Login to the API

The first step is to make a request to the /users/login endpoint. You will need to provide your email address and password in the request.
  
//API Connection Details
var emailAddress = "...";        //Your email address
var password = "...";            //Your password
var apiConnection = "https://rb209api.ahdb.org.uk";

var loginRequest = new LoginRequest
{
    Email = emailAddress,
    Password = password
};

//Serialize input details
var content = new StringContent(JsonConvert.SerializeObject(loginRequest), Encoding.UTF8, "application/json");

var client = new HttpClient();

//Connect to API & retrieve data
var url = $"{apiConnection}/api/users/login";
var task = client.PostAsync(url, content);
var returnedData = task.Result.Content.ReadAsStringAsync().Result;

//Deserialize token details
var tokenResponse = JsonConvert.DeserializeObject<TokenResponse>(returnedData);
 

Retrieve tokens

This will return an access token and a refresh token. The access token is valid for 60 minutes, while the refresh token is valid for 30 days.
  
//Tokens in the response
var accessToken = tokenResponse.AccessToken;
var refreshToken = tokenResponse.RefreshToken;
 

Query endpoints

Whilst querying any of the endpoints in the API, you will need to provide your access token as part of the request.
  
//API Connection Details
var accessToken = "...";        //Your access token
var apiConnection = "https://rb209api.ahdb.org.uk";

//Add Authentication details
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

//Connect to API & retrieve data
var url = $"{apiConnection}/api/arable/cropGroups";
var task = client.GetAsync(url);
var returnedData = task.Result.Content.ReadAsStringAsync().Result;

//Deserialize response details
var cropGroupList = JsonConvert.DeserializeObject<List<CropGroupResponse>>(returnedData);
 

Regenerate access token

Once your access token has expired, you can generate a new one by querying the /users/refresh_token endpoint. Here you will need to provide your email address and your refresh token.
  
//API Connection Details
var emailAddress = "...";        //Your email address
var refreshToken = "...";        //Your refresh token
var apiConnection = "https://rb209api.ahdb.org.uk";

var refreshTokenRequest = new RefreshTokenRequest
{
    Email = emailAddress,
    RefreshToken = refreshToken
};

//Serialize input details
var content = new StringContent(JsonConvert.SerializeObject(refreshTokenRequest), Encoding.UTF8, "application/json");

var client = new HttpClient();

//Connect to API & retrieve data
var url = $"{apiConnection}/api/users/refresh_token";
var task = client.PostAsync(url, content);
var returnedData = task.Result.Content.ReadAsStringAsync().Result;

//Deserialize token details
var tokenResponse = JsonConvert.DeserializeObject<TokenResponse>(returnedData);
 

Retrieve new tokens

This will return a new access token which you can use in place of the expired one.
  
//Tokens in the response
var accessToken = tokenResponse.AccessToken;
var refreshToken = tokenResponse.RefreshToken;
 

Refresh token expired

If your refresh token expires, you will need to call the /users/login endpoint again. This will then regenerate a new access and refresh token for you.
  
//API Connection Details
var emailAddress = "...";        //Your email address
var password = "...";            //Your password
var apiConnection = "https://rb209api.ahdb.org.uk";

var loginRequest = new LoginRequest
{
    Email = emailAddress,
    Password = password
};

//Serialize input details
var content = new StringContent(JsonConvert.SerializeObject(loginRequest), Encoding.UTF8, "application/json");

var client = new HttpClient();

//Connect to API & retrieve data
var url = $"{apiConnection}/api/users/login";
var task = client.PostAsync(url, content);
var returnedData = task.Result.Content.ReadAsStringAsync().Result;

//Deserialize token details
var tokenResponse = JsonConvert.DeserializeObject<TokenResponse>(returnedData);
 

Logout from API

If you wish to terminate your refresh token, you can use the /users/logout endpoint and this will invalidate your refresh token. This means that the refresh token cannot be used again until you login to your account again. Note that the access token is still valid until it was originally due to expire.
  
//API Connection Details
var accessToken = "...";        //Your access token
var apiConnection = "https://rb209api.ahdb.org.uk";

//Add Authentication details
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

//Connect to API & retrieve data
var url = $"{apiConnection}/api/users/logout";
var task = client.PostAsync(url, null);
var returnedData = task.Result.Content.ReadAsStringAsync().Result;