...
Each service should identify the user using the his api_token returned when user logs in or reading its , which returned by the login method or readable via its profile. This value should be sent using the header Authentication using the following format:
| Code Block |
|---|
Authentication: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ |
All securized methods Once the token is available on the securized service, it should rely on the user service to perform the authentication checking.