This page documents the GroupShare REST API. Through the use of the REST Web API 3rd party developers can extend the GroupShare eco-system. Your applications can integrate with GroupShare using simple HTTP methods - supporting JSON format. All the calls in this specifications are OAuth 2.0 protected resources. This means that callers must provide a so called "bearer token". This token can be obtained by issuing a POST request, to the authentication/api/1.0/login URL (see the Login section). The received token can be used to get access to the associated resources (all of the exposed API calls).
We currently have 4 API versions which are documented. To alternate between them, type in the textbox above one of the following URLs:
Requests to protected resources that require authorization will return HTTP code 401 - Unathorized, if the Authorization request-header is not found or if the token expired. In this case you need to include the Authorization request-header with a valid authorization token value. To get this authorization token do a POST request to authentication/api/1.0/login.
The respone to the POST request to authentication/api/1.0/login is the bearer access token. Use this value in the Authorization request-header, with each call to protected resources.
"AAIAAIPYQYPBMluvjQdetB_dMMd6qa0TJ3vbOTyCFqZISN3Uvgh6VU_oV0xDJxEIoDk2GDUyk1EU-zxUIhhY0Lqzg64-i3yY5xRgk2zOK94K6DqKhqL1MRtJgRA6CIAiwTRjI2yIB_N3dfLAxs36rRXYIkcg9TYecWlI_
d8jWTCAn3W-0HZeO5UVV-srG1gt4qZC6CP8z75OjD9WXULRXWPxHCPwgNed7tvBVABSxR9ubOIPbD80SMmoAoLY_PvYcasb2iY6FAFYLGwxS_PjA7JGG2pgftw9FFCSfVRGLifmI0qHLkGwO50kmyA53muA__qODxhf9Rr
25uP7vUJLDUX14OTLRz22-Ey-vvONm7jXhCasQzoPJJHK1kYcHfyCY3lzewcNycgvCvhsYUbjHTsIrz9lFJTH2jCrn4w58rLwZUMMUPFUtp4LB9shn8HtzGZWjU6LW55RmL9opypOxYMwZNmu757RvIv25MBPedZCtkdP6
gdT2gtNrB4CQvbrQeE9ck9drE2Wyb75_NfKEATooc0izh-3D_5nPdkCtN2I-Uye50AuCscPNf8gqgBIrI7S70IRXFiPSML448vSLkrY2DQFpBKGN5wtA34Q-tSReuQbICqNBBgaj6ioE-7FcPW0uvZ2CSzy3z0xuAa-5oo
b54RzrH125e49Vz_5eJfLP2HMpAIAAAACAAB9PAzwxe3fD8Mv9NSxbEstcZD8_5Vt0vPMjtCuR97WmaIFMAYd_q6ityU7Ah2bsbDdjzrCTZBM1a04_UHzSN6x9IdDdmX8yZ137CfaBDHh7EE8jBLjOLIBsEvWnqnEs1Pji
dU96ctzWA6NOIs6MUaDljAO7E1TfjAuctGZyA6dcfotxmRjjAED5pVYUQiKUxfoVCoIyn3fnUlCExOF8JpBIHr5vNXniSFfms3oNMyC_u2tX05l6_v7gI4w-cjjTLqq60bU7zX-r-dX_y9IDKHniBEPo3N9_nFd-548bPk
mPgi8kR-4hveAtf0lE8FS-F_eW5kk3BgrnUn3fHkGK-IiHgBjNWAB54_AoFkuU54NdOKimF0wxyNW7Pu-UPNnjm7rknxVE-oTGd6F_zd8TyqcRi6_ozxlyBkVkhDtVjD-mFHP0Jv8ayZ6gynJw_BQM9SNrZsPcnweS90Q8
yIEGiuLPZB3lD0a4IMQ5tjOidxVt7dKyos6uVYF0EV87jqKWoFAXt_uiZoh5AQQyCBWTovE9AJzFK7AjaU7k04Av7R3MmIf04UZRSTFX_OVUcBz_kYXz2VldwQMP4FuurHRHOyQKf_jEo55LS1m6Be8wO0hXmeRa-0AdvF
a8nV2nqEPT4MeeyyrCXv_kiUgt5megumGLREyGPruR725JgHq7DRYNyxIc06u5zK51x4uND1zlGrcnb1IINqYnnR5KmLbw36Kj1OR_lC9TwZhmJ8FDtAlTY91R5GblGE_cHHJun-m4enOELzfO0dobMCI8ry6h7nzUzFRf
mNyhjtAWSncLnsrJHiDj-OmksvVaGr8GHWzFS71DcqHhSlZQ08Hmuwdtf9-vDeiJvam_XzPM531vpROv75wd_zOMi0NtexdptpSWvk"
Take the token value sent in response to the POST request to authentication/api/1.0/login and include it in the Authorization request-header. The authorization scheme should be set to "Bearer". This means that you need to set the Authorization request-header by concatenating "Bearer " and the returned token value.
Authorization: Bearer AAIAAD35zz7qdUHHSRceCMP6zg7F8MClF6g4oMmz9Df0oxSODp9F9gZWCzpzds7hSlfmbB2IuxmAjXnNSA
Bearer tokens need to be protected from disclosure using transport layer security. Any party in possession of a valid token can access protected resources.