Authentication Methods
The Qwilt CDN APIs support two authentication methods for controlling access:
API Key Based Authentication
API keys allow you to authenticate requests without using user credentials.
Create an API Key
An API Key can grant either viewer (read-only) or editor (read-and-write) permissions, and can be valid for up to 365 days.
Use the api-keys API to create an API Key.
Use the QC Services user interface to create an API key.
Pass the API Key with a Request
To authenticate an API request, include the API key in the X-API-KEY header.
Example:
curl --request GET \
--url https://media-sites.cqloud.com/api/v2/sites \
--header 'Accept: */*' \
--header 'X-API-KEY: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhQWNjZX...'
Token Based Authentication
The Login API is used to authenticate the API user and generate a cqloud access token. The user submits their Qwilt Cloud credentials (username and password) to the login API in order to generate the token. The token is then used to interact with the APIs.
A token is valid for one hour. When it expires, use the Login API to generate a new one.
Resource URL
https://login.cqloud.com/login
Request Parameters
- username - The username (used for basic authentication).
- password - The user's password (used for basic authentication). This parameter is optional. If excluded from the request, the initial response is a prompt for the password.
- orgId - (Only relevant to users assigned to multiple organizations.) An optional query parameter that specifies which organization the login token is valid for. If not provided, the token is valid for the user's default organization.
Request Example
This example shows how to use a cURL command to save the generated token to the local directory using the filename specified in <cookiefile>.
curl -i -c <cookiefile> -u <username>:<password> https://login.cqloud.com/login
Response Example
HTTP response code 302 is used by the Login API to indicate success.
The API token is the "cqloudLoginToken" value found in the "Set-Cookie" field.
HTTP/1.1 302 Found
Content-Type: text/plain; charset=UTF-8
Date: Thu, 26 Jan 2023 14:10:54 GMT
Set-Cookie: cqloudLoginToken=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhQWNjZXNzQ29udHJvbCI6eyJDRE4iOlsiKiJdLCJhbGxvd2VkT3JnSWRzIjpbIioiXSwiY29udGVudFB1Ymxpc2hlcnMiOlsiKiJdLCJmb290cHJpbnQiOlsiKiJdLCJrZXlzIjpbIioiXSwibm1hRXZlbnRzIjpbIioiXSwicW5EZXBsb3ltZW50IjpbIioiXSwic2VjcmV0cyI6WyIqIl19LCJlbWFpbCI6ImVzdGhlcmJAcXdpbHQuY29tIiwiZW5jb2RlZFBlcm1zIjoiSDRzSUFBQUFBQUFBLzZ4WFMzUGpOZ3orTHo2SE92UzR0M1RkbkxyVG5jeTBkNXFFWk14U0pBT0. . . ;
Path=/;
domain=cqloud.com;
Max-Age=21600;
HttpOnly; Secure
Vary: Origin
Content-Length: 2
Connection: keep-alive
Pass the Token with the API Request
When forming an API request, use the Authorization header to pass the cqloudLoginToken.
The Authorization header value must be the word "BEARER" followed by a space and the cqloudLoginToken:
BEARER <cqloudLoginToken>
For example:
curl --request GET \
--url https://media-sites.cqloud.com/api/v2/sites \
--header 'Accept: */*' \
--header 'Authorization: BEARER eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhQWNjZX...'