diff options
Diffstat (limited to 'doc/md/REST-API.md')
-rw-r--r-- | doc/md/REST-API.md | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/doc/md/REST-API.md b/doc/md/REST-API.md index f3f0b17a..0b8aba8a 100644 --- a/doc/md/REST-API.md +++ b/doc/md/REST-API.md | |||
@@ -1,6 +1,18 @@ | |||
1 | ## Usage | 1 | ## Usage and Prerequisites |
2 | 2 | ||
3 | See the [REST API documentation](http://shaarli.github.io/api-documentation/). | 3 | See the [REST API documentation](http://shaarli.github.io/api-documentation/) |
4 | for a list of available endpoints and parameters. | ||
5 | |||
6 | Please ensure that your server meets the [requirements](Server-requirements) | ||
7 | and is properly [configured](Server-configuration): | ||
8 | |||
9 | - URL rewriting is enabled (see specific Apache and Nginx sections) | ||
10 | - the server's timezone is properly defined | ||
11 | - the server's clock is synchronized with | ||
12 | [NTP](https://en.wikipedia.org/wiki/Network_Time_Protocol) | ||
13 | |||
14 | The host where the API client is invoked should also be synchronized with NTP, | ||
15 | see [token expiration](#payload). | ||
4 | 16 | ||
5 | ## Authentication | 17 | ## Authentication |
6 | 18 | ||
@@ -43,9 +55,11 @@ ewogICAgICAgICJ0eXAiOiAiSldUIiwKICAgICAgICAiYWxnIjogIkhTNTEyIgogICAgfQ== | |||
43 | 55 | ||
44 | #### Payload | 56 | #### Payload |
45 | 57 | ||
46 | **Validity duration** | 58 | **Token expiration** |
47 | 59 | ||
48 | To avoid infinite token validity, JWT tokens must include their creation date in UNIX timestamp format (timezone independant - UTC) under the key `iat` (issued at). This token will be accepted during 9 minutes. | 60 | To avoid infinite token validity, JWT tokens must include their creation date |
61 | in UNIX timestamp format (timezone independent - UTC) under the key `iat` (issued at). | ||
62 | This token will be valid during **9 minutes**. | ||
49 | 63 | ||
50 | ```json | 64 | ```json |
51 | { | 65 | { |