API Request Authorization and Authentication¶
Authorization and Authentication of individual Jitsuin Archivist API requests uses Bearer tokens
See Getting Access Tokens (client secret) for details on how to obtain the token. And Configure Client Credentials for Non-Interactive Access for the necessary administrative configuration.
The bearer token should be stored in a file and an environment variable BEARER_TOKEN_FILE contains the name of the file.
The text in the BEARER_TOKEN_FILE should follow the format:
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
where the x’s are replaced by the actual contents of the bearer token.
Note
Recommended that the directory containing the BEARER_TOKEN_FILE have 0600 permissions
Note
Certificate based assertion of identity is fully supported. See “client_assertion_type” and “client_assertion” in the official Azure documentation