When using PrizmDoc Cloud-Hosted, you must authenticate all HTTP requests. You can do this in one of two different ways:
Include an acs-api-key header with your API key as the value.
For example:
Example |
Copy Code
|
---|---|
POST https://api.accusoft.com/PCCIS/V1/ViewingSession acs-api-key: <your key here> Content-Type: application/json {"render":{"html5":{"alwaysUseRaster":false}}} |
To obtain an API key, visit https://www.accusoft.com/portal/.
To facilitate granular access to PrizmDoc Cloud-Hosted account data, especially document storage, another level of authorization must be implemented to further identify requests. The OAuth 2.0 specification allows for this type of authorization. Using OAuth, PrizmDoc Cloud-Hosted can not only authorize a request via the PrizmDoc Cloud-Hosted API key, but also by custom user information provided by clients. Ultimately, this will allow for the creation of rules by PrizmDoc Cloud-Hosted customers to limit access to various resources.
Per the OAuth spec, PrizmDoc Cloud-Hosted implements the client credentials grant method. This relies on authentication through the PrizmDoc Cloud-Hosted API key. See: https://tools.ietf.org/html/rfc6749#section-4.4. By default, the expire time for the access token is set to one day. Initially at least, the use of OAuth necessitates the use of server-side code for the creation of the access tokens.
See the OAuth API Reference.