This page documents the GroupShare REST API. Through the use of the REST Web API 3rd party developers can extend the GroupShare eco-system. Your applications can integrate with GroupShare using simple HTTP methods - supporting JSON format. All the calls in this specifications are OAuth 2.0 protected resources. This means that callers must provide a so called "bearer token". This token can be obtained by issuing a POST request, to the authentication/api/1.0/login URL (see the Login section). The received token can be used to get access to the associated resources (all of the exposed API calls).
Requests to protected resources that require authorization will return HTTP code 401 - Unathorized, if the Authorization request-header is not found or if the token expired. In this case you need to include the Authorization request-header with a valid authorization token value. To get this authorization token do a POST request to authentication/api/1.0/login.
The respone to the POST request to authentication/api/1.0/login is the bearer access token. Use this value in the Authorization request-header, with each call to protected resources.
"AAIAAIPYQYPBMluvjQdetB_dMMd6qa0TJ3vbOTyCFqZISN3Uvgh6VU_oV0xDJxEIoDk2GDUyk1EU-zxUIhhY0Lqzg64-i3yY5xRgk2zOK94K6DqKhqL1MRtJgRA6CIAiwTRjI2yIB_N3dfLAxs36rRXYIkcg9TYecWlI_ d8jWTCAn3W-0HZeO5UVV-srG1gt4qZC6CP8z75OjD9WXULRXWPxHCPwgNed7tvBVABSxR9ubOIPbD80SMmoAoLY_PvYcasb2iY6FAFYLGwxS_PjA7JGG2pgftw9FFCSfVRGLifmI0qHLkGwO50kmyA53muA__qODxhf9Rr 25uP7vUJLDUX14OTLRz22-Ey-vvONm7jXhCasQzoPJJHK1kYcHfyCY3lzewcNycgvCvhsYUbjHTsIrz9lFJTH2jCrn4w58rLwZUMMUPFUtp4LB9shn8HtzGZWjU6LW55RmL9opypOxYMwZNmu757RvIv25MBPedZCtkdP6 gdT2gtNrB4CQvbrQeE9ck9drE2Wyb75_NfKEATooc0izh-3D_5nPdkCtN2I-Uye50AuCscPNf8gqgBIrI7S70IRXFiPSML448vSLkrY2DQFpBKGN5wtA34Q-tSReuQbICqNBBgaj6ioE-7FcPW0uvZ2CSzy3z0xuAa-5oo b54RzrH125e49Vz_5eJfLP2HMpAIAAAACAAB9PAzwxe3fD8Mv9NSxbEstcZD8_5Vt0vPMjtCuR97WmaIFMAYd_q6ityU7Ah2bsbDdjzrCTZBM1a04_UHzSN6x9IdDdmX8yZ137CfaBDHh7EE8jBLjOLIBsEvWnqnEs1Pji dU96ctzWA6NOIs6MUaDljAO7E1TfjAuctGZyA6dcfotxmRjjAED5pVYUQiKUxfoVCoIyn3fnUlCExOF8JpBIHr5vNXniSFfms3oNMyC_u2tX05l6_v7gI4w-cjjTLqq60bU7zX-r-dX_y9IDKHniBEPo3N9_nFd-548bPk mPgi8kR-4hveAtf0lE8FS-F_eW5kk3BgrnUn3fHkGK-IiHgBjNWAB54_AoFkuU54NdOKimF0wxyNW7Pu-UPNnjm7rknxVE-oTGd6F_zd8TyqcRi6_ozxlyBkVkhDtVjD-mFHP0Jv8ayZ6gynJw_BQM9SNrZsPcnweS90Q8 yIEGiuLPZB3lD0a4IMQ5tjOidxVt7dKyos6uVYF0EV87jqKWoFAXt_uiZoh5AQQyCBWTovE9AJzFK7AjaU7k04Av7R3MmIf04UZRSTFX_OVUcBz_kYXz2VldwQMP4FuurHRHOyQKf_jEo55LS1m6Be8wO0hXmeRa-0AdvF a8nV2nqEPT4MeeyyrCXv_kiUgt5megumGLREyGPruR725JgHq7DRYNyxIc06u5zK51x4uND1zlGrcnb1IINqYnnR5KmLbw36Kj1OR_lC9TwZhmJ8FDtAlTY91R5GblGE_cHHJun-m4enOELzfO0dobMCI8ry6h7nzUzFRf mNyhjtAWSncLnsrJHiDj-OmksvVaGr8GHWzFS71DcqHhSlZQ08Hmuwdtf9-vDeiJvam_XzPM531vpROv75wd_zOMi0NtexdptpSWvk"
Take the token value sent in response to the POST request to authentication/api/1.0/login and include it in the Authorization request-header. The authorization scheme should be set to "Bearer". This means that you need to set the Authorization request-header by concatenating "Bearer " and the returned token value.
Authorization: Bearer AAIAAD35zz7qdUHHSRceCMP6zg7F8MClF6g4oMmz9Df0oxSODp9F9gZWCzpzds7hSlfmbB2IuxmAjXnNSA
Bearer tokens need to be protected from disclosure using transport layer security. Any party in possession of a valid token can access protected resources.