Access as Anonymous User
You can use these two methods to execute the REST API as anonymous user.
Execution with Basic Authentication
You use Basic authentication every time you access the application as anonymous user.
Basic authentication is processed by specifying AppID as a username and an arbitrary value as a password. Specifically, a request is sent with the Authorization: Basic
header containing a Base64-encoded string of concatenated AppID and an arbitrary value with a colon (:) in between the two values.
For example, suppose that your appID and an arbitrary value are 12345678
and 1234567890abcdef1234567890abcdef
, respectively. You will concatenate these values as 12345678:1234567890abcdef1234567890abcdef
and then Base64-encode it to get the value MTIzNDU2Nzg6MTIzNDU2Nzg5MGFiY2RlZjEyMzQ1Njc4OTBhYmNkZWY=
. You will embed this value in the Authorization: Basic
header.
Execution with an Anonymous User Token
You get an anonymous user token and embed it to the HTTP header Authorization: Bearer
in subsequent processes.
See the below example to get an anonymous user token.
curl -v -X POST \
-H "Authorization: Basic {BASE64_ENCODED_APPID_AND_APPKEY}" \
-H "Content-Type: application/json" \
"https://api-jp.kii.com/api/apps/{APP_ID}/oauth2/token" \
-d '{
"grant_type": "client_credentials",
"client_id": "{APP_ID}",
"client_secret": "{APP_KEY}",
"expiresAt": {EXPIRED_TIME}
}'
You get an anonymous token with Basic Authentication. Replace {BASE64_ENCODED_APPID_AND_APPKEY}
with a Base64-encoded string of concatenated AppID and an arbitrary with a colon (:) in between the two values.
Replace {APP_ID}
and {APP_KEY}
with your application's AppID and an arbitrary value, respectively. Additionally, you can set the expiration time in UNIX time (msec) in UTC by the expiresAt
parameter. An anonymous user token will not expire if an expiration time is not set.
Kii Cloud responds as below when it receives a valid AppID. "access_token" in the response is an anonymous user token. "expires_in" is a lifetime in seconds of the anonymous access token.
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: application/json
Transfer-Encoding: chunked
Date: Mon, 14 May 2012 17:36:41 GMT
{
"id" : "ANONYMOUS",
"access_token" : "n44aWtuguvJ9bvwDydXR3sDCSMOBb4ApSSD_Ls8",
"expires_in" : 2147483646,
"token_type" : "bearer"
}