Download OpenAPI specification:
You can use the Authentication API to obtain Urban Sharing API authentication tokens. Tokens have a limited lifetime and must be refreshed at regular intervals. Before using the Authentication API, you must obtain API credentials from Urban Sharing. The API credentials include a Client ID and a Client Secret. Each client ID is valid for one Urban Sharing Fleet system and can be used to access multiple APIs. Which APIs are accessible depends on which roles you are granted. It is possible to request multiple client IDs for the same system if required.
| Date | Version | Notes |
|---|---|---|
| Thu Feb 15 2024 | 1.1.0 | Add OAuth endpoints Renamed auth/token endpoint to auth/me |
| Tue Aug 15 2023 | 1.0.0 | Initial release |
To obtain an authentication token, send a POST request to http://auth.api.urbansharing.com/auth/token. This is the only endpoint that does not require a valid token in the Authorization header. All other API requests must include a valid token in the Authorization header. e.g.
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjbGllbnRJZCI6ImFwaV8xREhneXo3RHA0YkRYTXVJWktLb3hPMHkiLCJyb2xlcyI6WyJhcGkxIiwiYXBpMiJdLCJzeXN0ZW1JZCI6InRlc3Qtc3lzdGVtIiwiaWF0IjoxNjg4NjI4MDA4LCJleHAiOjE2ODg2MjkwMDh9.WtAnY1WR28U8NEZDePRpr-3UiHpTjB07GOXKp2dfeasIf the token is valid, the request will be processed. If the token is invalid, the request will be rejected with a 403 Forbidden response.
You can use curl to obtain a JWT token. Tokens expire after 60 minutes.curl -X POST https://auth.api.urbansharing.com/auth/token \
-H 'Content-Type: application/json' \
-d '{ "grantType": "client_credentials", "clientId": "your_client_id", "clientSecret": "your_client_secret" }'An authentication token is required to access Urban Sharing APIs. To request a token, provide a valid client ID and client secret credentials. API credentials can be obtained from Urban Sharing.
| grantType required | string Value: "client_credentials" Grant Type must always be "client_credentials" |
| clientId required | string A client ID can be obtained from Urban Sharing |
| clientSecret required | string A client secret can be obtained from Urban Sharing |
{- "grantType": "client_credentials",
- "clientId": "client576576",
- "clientSecret": "secret565ee65"
}{- "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
- "tokenType": "Bearer",
- "expiresIn": 3600,
- "expiresAt": "2021-01-01T00:01:00.000Z"
}Authenticate directly with service account credentials.
| accountId required | string The service account id |
| accountSecret required | string The service account secret |
{- "accountId": "asa_1234",
- "accountSecret": "my-account-secret"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Authenticate directly with an existing idtoken.
| provider required | string Enum: "google" "microsoft" Example: google The OAuth provider to use for authentication. |
| token required | string The third party id token, signed by the provider. |
{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Redirects to the OAuth provider for authentication.
| provider required | string Enum: "google" "microsoft" Example: google The OAuth provider to use for authentication. |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Returns data for the current authenticated user/token.
| uowid | string A globally unique unit of work ID generated by the client which allows Urban Sharing to track requests through our systems. If no header is provided it will be generated automatically at the time of arrival. The header and ID will be returned in the response. |
{- "id": 0,
- "sub": "api_1MpxBhayYfJP3r4p107i185E",
- "role": "bearer",
- "iat": 1700000000,
- "exp": 1700000000,
- "attrs": {
- "clientId": "api_1MpxBhayYfJP3r4p107i185E",
- "systemId": "oslobysykkel",
- "roles": [
- "maas",
- "operations"
]
}
}List of available login providers for this organization
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string |
{- "data": [
- {
- "name": "string",
- "type": "google"
}
]
}Authenticate directly with an existing idtoken.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| token required | string The third party id token, signed by the provider. |
{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Redirects to the OAuth provider for authentication.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Redirects to the OAuth provider for authentication.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Redirects to the OAuth provider for authentication, to link profile to existing user.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Initiates an SMS login flow. Returns a state token to be used with the verify endpoint.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| phoneNumber required | string The phone number to send the SMS code to. |
{- "phoneNumber": "+4712345678"
}{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Initiates an SMS signup flow. Returns a state token to be used with the verify endpoint.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| phoneNumber required | string The phone number to send the SMS code to. |
{- "phoneNumber": "+4712345678"
}{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Verifies the SMS code and completes the login or signup flow.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| state required | string The state returned from the SMS login/signup endpoint. |
| code required | string The SMS verification code. |
{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c",
- "code": "123456"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| code required | string |
| state required | string |
List of available login providers for this organization
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
{- "data": [
- {
- "name": "string",
- "type": "google"
}
]
}Logs out the current user.
| systemId required | string The system identifier |
| organizationId required | string The organization identifier |
| realm required | string The realm identifier |
| redirect | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Authenticate directly with an existing idtoken.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| token required | string The third party id token, signed by the provider. |
{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Redirects to the OAuth provider for authentication.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Redirects to the OAuth provider for authentication.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Redirects to the OAuth provider for authentication, to link profile to existing user.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| redirect required | string Example: redirect=https://www.urbansharing.com The URL to redirect to after authentication. |
Initiates an SMS login flow. Returns a state token to be used with the verify endpoint.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| phoneNumber required | string The phone number to send the SMS code to. |
{- "phoneNumber": "+4712345678"
}{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Initiates an SMS signup flow. Returns a state token to be used with the verify endpoint.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| phoneNumber required | string The phone number to send the SMS code to. |
{- "phoneNumber": "+4712345678"
}{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}Verifies the SMS code and completes the login or signup flow.
| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| state required | string The state returned from the SMS login/signup endpoint. |
| code required | string The SMS verification code. |
{- "state": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c",
- "code": "123456"
}{- "token": "eyJhbGciOiJIUz...36POk6yJV_adQssw5c"
}| realm required | string The realm identifier |
| organizationId required | string The organization identifier |
| systemId required | string The system identifier |
| provider required | string Enum: "google" "facebook" "microsoft" "apple" "phone" "email" The OAuth provider type |
| code required | string |
| state required | string |