Security & authentication

Info

While every function is available through the switcloud SDK, we also offer direct access to the API for more flexibility.

switcloud APIs require OAuth2 authentication before use. To get an authentication token, a user or an app sends a POST request to https://switcloud.switstack.io/api/oauth2/token with the required parameters. switcloud handles two grant types: “password” and “client credentials”.

For example:

curl -X POST https://switcloud.switstack.io/api/oauth2/token \
     --data "grant_type=password&username=example%40switstack.io&password=mypassword"

{
        "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJvcmdhZG1pbkBzd2l0c3RhY2suaW8iLCJleHAiOjE3NDg1MzAyNzR9.ubUOUOyPU-S2xxNL7LcZTq8p9KxCE-CH2PHgFc7Vf6M",
        "token_type": "bearer",
        "expires_in": 3600
}
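
The same password-grant request from a client program, as an added example that is not switcloud's own code or SDK: it percent-encodes the form fields, refuses to send credentials to a non-https URL, and reuses the token until shortly before expires_in runs out. TokenCache, fetch_token, the 60-second skew and the Authorization: Bearer header are assumptions not shown on this page.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://switcloud.switstack.io/api/oauth2/token"  # endpoint named on the page


def build_token_request(username, password, url=TOKEN_URL):
    """Build the password-grant POST; refuse a non-TLS endpoint."""
    if urllib.parse.urlsplit(url).scheme != "https":
        raise ValueError("refusing to send credentials to a non-https URL")
    # urlencode percent-encodes reserved characters ('@' becomes %40).
    body = urllib.parse.urlencode(
        {"grant_type": "password", "username": username, "password": password}
    ).encode("ascii")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def fetch_token(username, password):
    """Perform the request and return the parsed JSON token response."""
    req = build_token_request(username, password)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Hypothetical helper: reuse a token until shortly before it expires."""

    def __init__(self, fetch, skew=60, clock=time.time):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._token, self._expires_at = None, 0.0

    def token(self):
        now = self._clock()
        if self._token is None or now >= self._expires_at - self._skew:
            resp = self._fetch()
            if str(resp.get("token_type", "")).lower() != "bearer":
                raise ValueError("unexpected token_type in response")
            self._token = resp["access_token"]
            self._expires_at = now + int(resp["expires_in"])
        return self._token

    def auth_header(self):
        # Assumption: standard RFC 6750 bearer usage; the page does not show it.
        return {"Authorization": "Bearer " + self.token()}
```

Pass a zero-argument callable such as lambda: fetch_token(user, password) as fetch, with the credentials read from a secret store or environment variable rather than hard-coded.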

switcloud currently has 3 access levels based on roles:

  • Super Admin: Can manage the entire system (CRUD on all models), except Payment data, which is Read Only.
  • Organization Admin: An admin within an Organization can manage their own estate (CRUD). They cannot see other Organizations’ data.
  • Simple User (either human or machine): Read Only access to their Organization’s data. Can create and update Payments.