A new /scoped-token API authenticates users via bearer token and generates a scoped JWT, limiting the access of content to specified entities (device, devices in a group, and all devices in an organization) for a duration of 24 hours. This token, included in the Authorization header of subsequent API calls, functions as a bearer token, and grants access only to APIs within the defined scope. This allows partners and sub-partners to restrict user access to reusable components like Event Media, Live Streaming, and Recording Timeline.
For example, to enable viewing event media from the event-media component, create a token for the deviceEvent component. However, to enable the retrieval of videos from the camera, create a token that enables both the deviceEvent and deviceRecordingTimeline components from the event-media component.
required | Array of objects [ 1 .. 10 ] items |
Successful operation
Bad request error
Unauthorized error
Forbidden error
Not found error
Internal server error
{- "entities": [
- {
- "entityType": "device",
- "entityId": 0,
- "features": [
- {
- "featureType": "deviceLiveStreaming",
- "allowMedia": true
}
]
}
]
}{- "data": {
- "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
}, - "requestId": "df5fg-45fgfdsg-45fg-45454"
}