Authentication

The MC10 API uses basic access authentication to authorize HTTP requests.

Every request for data must contain a header in the form Authorization: Basic <credentials>, where credentials is the base64 encoding of a registered user's ID and access token joined by a single colon.

Obtaining an access token

Use curl or another HTTP user agent to log into the MC10 API and obtain an access token. Here, the user jdoe@example.com logs in with the password ex@mple!:

curl -X POST "https://mc10cloud.com/api/v1/users/login/email" --header "Content-Type: text/json" -d '{"email":"jdoe@example.com","password":"ex@mple!","accountType":"BRC2"}'

The API responds with a user object containing an access token and expiration timestamp:

{
"accessToken": "JSFn/hfHjbtW2mZQ",
"expiration": 1557848997063,
"user": {
"accountId": "5d3b5950-1b00-11e7-8464-0a624d7022db",
"createdTs": 1440000000000,
"email": "jdoe@example.com",
"firstName": "John",
"id": "b7c07724-4462-11e9-a70f-0637976ce150",
"isDisabled": false,
"lastName": "Doe",
"legaleseVersionAccepted": 1,
"legaleseVersionRequired": 1,
"locale": "en_us",
"timezone": "US/Eastern"
}
}

Using the access token

After logging in, the same user can request data using the provided id and accessToken:

curl --user b7c07724-4462-11e9-a70f-0637976ce150:JSFn/hfHjbtW2mZQ -X GET "https://mc10cloud.com/api/v1/studies/f7888660-4f14-11e8-a47c-028eb5a65596/subjects"

Above, curl creates the necessary Authorization header from the credentials b7c07724-4462-11e9-a70f-0637976ce150 and JSFn/hfHjbtW2mZQ.

Invalidating the access token

Access tokens are valid for two weeks or until invalidated by "logging out":

curl --user b7c07724-4462-11e9-a70f-0637976ce150:JSFn/hfHjbtW2mZQ "https://mc10cloud.com/api/v1/users/logout"

POST and PUT requests

When creating or updating data, you must specify "application/json" as the content type. The following example shows how to create a subject using curl:

curl --user b7c07724-4462-11e9-a70f-0637976ce150:JSFn/hfHjbtW2mZQ -X POST "https://mc10cloud.com/api/v1/studies/f7888660-4f14-11e8-a47c-028eb5a65569/subjects" -H "Content-Type: application/json" -d '{ "displayName": "S-001", "age": 44, "gender": "MALE" }'