This shows you the differences between two versions of the page.
api [2017/09/19 17:40] lucy [LUCY REST API - Background Info] |
api [2019/07/25 12:49] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== LUCY REST API - Background Info ===== | ||
- | |||
- | Lucy API is a RESTful web service. The API does not keep the client' | ||
- | |||
- | {{ api1.png? | ||
- | |||
- | ===== Requirements ===== | ||
- | |||
- | Some general requirements are: | ||
- | |||
- | * The service uses JSON as the only data interchange format, all API responses are in JSON, most request parameters are expected to be in JSON. | ||
- | * All requests to API should have a " | ||
- | * All requests should be performed strictly over HTTPS protocol. Plain HTTP requests to API will be rejected by server. | ||
- | |||
- | |||
- | ===== Authentication ===== | ||
- | |||
- | Lucy API uses JWT (JSON web tokens) for authentication. The token should be obtained by sending an Authentication request before issuing any other requests (see Authentication request description below for details). | ||
- | The obtained authentication token should be specified in the " | ||
- | |||
- | |||
- | Authorization: | ||
- | eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI | ||
- | 6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONF | ||
- | h7HgQ | ||
- | |||
- | The client should store the token locally and keep it until the token expires. The expiration date and time is specified in the token header. Please check out https:// | ||
- | |||
- | ===== Resources ===== | ||
- | Resources are used when getting some data from Lucy API or creating/ | ||
- | server expects when you are creating a new campaign. The only difference is links - when you are posting/ | ||
- | |||
- | |||
- | ===== Example Usage ===== | ||
- | |||
- | First you need to auth: | ||
- | |||
- | POST /api/auth HTTP/1.1 | ||
- | Host: phish.local | ||
- | Content-Type: | ||
- | Cache-Control: | ||
- | | ||
- | {" | ||
- | |||
- | You will get the token in response, use it in all subsequent requests: | ||
- | |||
- | {" | ||
- | |||
- | Then create a group for example: | ||
- | |||
- | PUT / | ||
- | Host: phish.local | ||
- | Authorization: | ||
- | Content-Type: | ||
- | Cache-Control: | ||
- | | ||
- | {" | ||
- | |||
- | You will get something like this in response: | ||
- | |||
- | {" | ||
- | |||
- | Then you may create a recipient in that group: | ||
- | |||
- | PUT / | ||
- | Host: phish.local | ||
- | Authorization: | ||
- | Content-Type: | ||
- | Cache-Control: | ||
- | | ||
- | {" | ||
- | |||
- | You will get this response: | ||
- | |||
- | {" | ||
- | |||
- | |||
- | ===== Detailed Documentation ===== | ||
- | |||
- | A more detailed documentation can be found {{:: | ||