Docs
ZEST
Component Help
ZEST Specification File
Authentication Schema

Authentication URL

It assists the server in authenticating the token and the user identity to access the resource.

Possible Locations

OAuth2
Token

Child Elements

Description
Operation required

Attributes

Name	Type	Description
path required	String	URL path

Samples

OAuth2

In the trips resource, we use the <oauth2> for authentication. Following is a sample authentication-url for this case,

copy


<authentication-url path="https://accounts.travel_bureau.com/oauth/user/info">
    <operation method="get" name="Check Access Token" category="action">
        <response status="200">
            <content>
                <encode type="application/json" />
                <structure name="user info">
                    <property name="First_Name" type="string" />
                    <property name="Last_Name" type="string" />
                    <property name="Display_Name" type="string" />
                    <property name="ZUID" type="long" />
                    <property name="Email" type="string" />
                </structure>
            </content>
        </response>
    </operation>
</authentication-url>

Token

Consider that we use <token> for authentication in the travelers resource. Following is a sample of authentication url,

copy

 
<authentication-url path="https://authorization-server.com/token-info">
    <description>The token introspection endpoint will return information about a token</description>
    <operation method="post" name="IntrospectToken" category="action">
        <request-body>
            <content>
                <encode type="text/plain" />
                <structure name="Token">
                    <property name="token" type="string"/>
                </structure>
            </content>
        </request-body>
        <response status="200">
            <content>
                <encode type="application/json" />
                <structure-group type="one-of">
                    <structure name="TokenInfo">
                        <property name="active" type="boolean" values="true"/>
                        <property name="scopes" type="string"/>
                        <property name="client_id" type="string"/>
                        <property name="expires_at" type="datetime"/>
                    </structure>
                    <structure name="ExpiredTokenResponse">
                        <property name="active" type="boolean" values="false"/>
                    </structure>
                </structure-group>
            </content>
        </response>
        <response status="401">
            <content>
                <encode type="application/json" />
                <structure name="AuthenticationErrorResponse">
                    <property name="code" type="string" values="INVALID_CLIENT"/>
                    <property name="message" type="string"/>
                    <property name="status" type="string" values="error"/>
                </structure>
            </content>
        </response>
    </operation>
</authentication-url>

Last Updated 2025-05-30 16:54:59 +0530 IST

Yes

Thank you for your feedback!

Send your feedback to us

Skip

Submit