CoSync REST API #

The CoSync REST API provides interfaces for a client device to access the CoSync REST service, which is at https://sandbox.cosync.net, when using the SANDBOX of the COSYNC AUTH authentication system.

The primary purpose of the CoSync REST API service is to provide a client side application with functions to access the COSYNC AUTH authentication service.

Headers #

Request Headers #

Unless specified otherwise, requests must have the following headers:

	{
        app-token: "<App Token>"
	}
	or 
	{
        access-token: "<Access Token>"
	}

The app-token request is done if the user is not logged in. The access-token request is done if the user is logged in.

The app-token is retrieved from the CoSync Portal in the application detail under by the developer in the Keys section of the specific app. The app-token is only known by the developer and is associated with the application. The CoSync Auth service uses this app-token to verify developer identity to authorize access to the application.

The access-token is returned to the client when a user is authenticated by the CoSync REST API for the CoSync Auth authentication service, it is returned alongside the JWT token for the user logging in. The access-token is associated with a particular user of the application, this is different from the app-token that is associated with a developer.