Skip to content

Authentication

Some actions require a valid user session. For example, MASV Agent requires a valid user session when sending a package to an email recipient or creating download automations.

Other actions, like uploading to a Portal, do not require a user session.

When you try to perform an action without a valid session, the service responds with a 401 Unauthorized status code and the following error body:

{
  "code": 262146,
  "message": "session is nil"
}

How to authenticate

API Key

When using the MASV Agent, we recommend authentication through the use of an API key. Once you have generated your API key, you must pass it as a flag when you start the server:

masv server start --api-key='YOUR_KEY'

Credentials

Use the following command to login with credentials

masv user login --email {EMAIL} --password {PASSWORD}

curl -X POST -H "Content-Type: application/json" http://localhost:8080/api/v1/login -d '{"email":"EMAIL","password":"PASSWORD"}'

Get current user session

To see which user currently has a valid session with the MASV Agent, use the following request:

masv user status

curl -X GET http://localhost:8080/api/v1/login

The response will include information like the following:

{

  "user": {
    "email": "[email protected]",
    "id": "01CWEEY5PT3535ETT4TH9NYZVP",
    "name": "Firstname Lastname"
  },
  "teams": [
    {
      "custom_expiry_default": 30,
      "custom_expiry_enabled": true,
      "download_limit_default": 12,
      "download_limit_enabled": true,
      "id": "01CWEEY60MREFF7PPYZ82QSQ9J",
      "max_email_recipients": 30,
      "name": "Acme",
      "subdomain": "acme"
    },
    ...
  ]
}

Where:

  • user object contains logged-in user attributes
  • teams is an array of all Teams that the user belongs to, with details like limits and general settings as configured for that Team

You can also retrieve the Teams that the user belongs to:

masv user teams

curl -X GET http://localhost:8080/api/v1/teams

If there is no user session, or authentication failed, MASV Agent responds with a 401 status and information about the error in the response body:

$ curl --head -X GET http://localhost:8080/api/v1/login
HTTP/1.1 401 Unauthorized
Content-Type: application/json
...