Introduction
Before using the movingimage REST API, you need authorization to access a VideoManager Pro account. Authorization is granted when valid proof of identity is provided along with an API request for data. This proof of identity will take the form of a JSON Web access token, which is a unique string used to identify a user. Access tokens expire after a short time so it is important to maintain them with refresh tokens. Refresh tokens are used to generate a new access token after the old one expires. Every API request for data must be accompanied by an authorization header that includes a valid access token. The following example uses the "Get VideoManagers" method to demonstrate how to include an access token in a request to the API:
curl -X GET -H "Authorization: Bearer <ACCESS_TOKEN>" https://api.video-cdn.net/v1/vms
So now the question is: How are these tokens acquired? They are acquired by first providing proof of identity; the process of proving identity in software is called authentication. movingimage uses OpenID Connect 1.0 and OAuth 2.0 for authentication. This documentation will walk you through the process of using OpenID Connect to authenticate, which is done in two major steps: