📝API Authorization

Segurança baseada em chaves secretas

The Niro has two types of route authorization, with the master key and the private key.

• Master Key Main key accessed through process.env.MASTER_KEY.

• Private KeyPrivate key generated by the user.

All routes in the system are protected by authorization middleware.

Accessing protected route

You need to provide the authorization header to enter the value of the maste key.

You must provide some security header. If you choose to provide your private key, enter the three headers that are required. By sending the private key, theauthorization header does not need to be entered.

Example routing with authorization header:

Get All Users

GET http://localhost:4000/api/users

Returns all registered users.

Headers

Name	Type	Description
authorization*	String	Security Field
key_tag	String	Security Field
key_secret	String	Security Field
key_value	String	Security Field

200: OK

{
    "id": "{STRING}",
    "username": "{STRING}"
}

Example of routing with private key headers:

Get All Users

GET http://localhost:4000/api/users

Returns all registered users.

Headers

Name	Type	Description
authorization	String	Security Field
key_tag*	String	Security Field
Key_secret*	String	Security Field
key_value*	String	Security Field

200: OK

[
    {
        "id": "{STRING}",
        "username": "{STRING}"
    }
]