Creating a Connection

Create a connection to the repository to begin using the Laserfiche API. Subsequent requests can use the access token received in the response from the initial connection creation request. After your application's task is finished, the connection should be closed.

Note: The AccessTokens route version is pinned at "v1-alpha." Version 1 will follow the OAuth model.

Creating an Access Token

Request Overview

POST https://api.laserfiche.com/repository/v1-alpha/Repositories/repoId/AccessTokens/Create?customerId=accountID

The example request creates a new access token for repository r-abc123 in the Laserfiche Cloud account 123456789. The request body contains the the username/password pair and the application name to assign to the connection.

POST https://api.laserfiche.com/repository/v1-alpha/Repositories/r-abc123/AccessTokens/Create?customerId=123456789
{
        "username": "Username",
        "password": "Password",
        "applicationName": "ExampleClient123"
}
        
  • customerId: The customerId request query parameter is the 9-digit or 10-digit Laserfiche Cloud account ID.
  • username: The username that is provided should be the same as the username entered when signin in to Laserfiche Cloud
  • password: The password that is provided should be the same as the password entered when signin in to Laserfiche Cloud. Note: for service principal users, the password will be a Service Principal key.
  • applicationName: The application name provided should be the name of your application. All actions performed through the API with be logged in the system logs with this application name.

Response Overview

{
"@odata.context": "https://api.laserfiche.com/repository/v1-alpha/$metadata#Laserfiche.Repository.SessionKeyInfo",
"authToken": "AAaaAAAaaaaaaAAAaaagOu/OMsMSawLsLWMcoUcSuVTHiX+6sL2kH9qNtKnMp/khZCAApUGGQtp/jvbnsg==",
"expireTime": "2021-01-01T01:01:11.1111111Z"
}
  • authToken: Take note of the authToken value. This value should be saved and stored somewhere in your application cache and provided in the Authorization header, in the form of:

    "Authorization" : "Bearer {authToken}"

    For example, with the authToken returned in the above example response. your requests should have an Authorization header with the value:

    "Bearer AAaaAAAaaaaaaAAAaaagOu/OMsMSawLsLWMcoUcSuVTHiX+6sL2kH9qNtKnMp/khZCAApUGGQtp/jvbnsg=="

  • expireTime: This value provides the date/time of when the token expires. If you would like to keep the token for longer, use the Refresh route, which will be discussed below.

Refreshing the Access Token

Request Overview

POST https://api.laserfiche.com/repository/v1-alpha/Repositories/repoId/AccessTokens/Refresh

There is no request body associated with this route.

The token does not need to be refreshed if requests are actively being made. The Refresh route only applies if your token is idle, but still valid. If your token has already expired, it cannot be refreshed.

Invalidating an Access Token

Request Overview

[POST] https://api.laserfiche.com/repository/v1-alpha/Repositories/repoId/AccessTokens/Invalidate

There is no request body associated with this route.

Response Overview

{
"@odata.context": "https://api.laserfiche.com/repository/v1-alpha/$metadata#Edm.Boolean",
"value": true
}
  • value: Boolean value that indicates whether the Token was invalidated successfully. A value of "true" means the connection was closed.