Front-End User Authentication

Front-end applications will authenticate their calls to Dice Ambient Scribe using short-lived (1 hour) access tokens that are scoped to a user in your organization.

From your server (thus using the Server API) do the following:

Create a user with the POST Create User API call
Authenticate the user you just created with the POST Login User API call.
Communicate the pair of access_token and refresh_token to your front-end app.
Now, the front-end app can use the access_token to make calls to the same endpoints but under v1/scribe/user instead of v1/scribe/server.

Additionally the user has access to the following API calls:

Refresh Tokens

Use the POST Refresh Tokens API call to refresh tokens. Note that this method requires the refresh_token for authentication. The API will return a new pair of access_token and refresh_token and the old tokens will be revoked.

Log Out user

Use the POST Logout User API call to logout a user. The access and refresh tokens for the user will be revoked, and if access is required again the user must request the backend server for fresh tokens.

Front-End User Authentication

Refresh Tokens​

Log Out user​

Refresh Tokens

Log Out user