Migration from v1 to v2
Example application
We have modified our original example application to work with our new API. Download modified original example application.
Why did we migrate?
The migration to API v2 was necessary to improve the security of our transmission. We have made changes to our authentication method. The new authentication method follows the client credential flow of the OAuth 2.0 specification, which is more secure than the previous version. By migrating to API v2, we have ensured that our transmission is more secure and less vulnerable to attacks.
What have we changed?
New Token API
Changes have been made to the /authentication
endpoint. Here are the key changes.
-
The token endpoint is now separated from Roster APIs and hosted on a different Identity server. The base address of the server is
https://identity-eu.frmsc.com
. See the Token section of our API Reference for more information. -
You must URL encode the client secret. You can use urlencoder.org to URL encode the client secret.
-
You must pass
Authorization
header starting with the wordBasic
followed by a space and a base64 encoded string of<Your_ClientID>:<Your_URL_Encoded_ClientSecret>
. See below for the format and the example.Manually encoding?
Use base64encode.org to encode or decode the string of
<Your_ClientID>:<Your_URL_Encoded_ClientSecret>
. -
The body must have two fields:
grant_type
whose value must beclient_credentials
scope
whose value must befrmsc_safe_upload_api
-
The content-type for the body must be
x-www-form-urlencoded
Example request for token
curl --location 'https://identity-eu.frmsc.com/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic NTQ3MUUwMTAtRERFRS00Qzk4LUZGOEYtMDhEQjIyNDVFMzczOjdyZzZHdCtoVWlvYnRYSTlKYjM3ejJ2dHJodzFDRWdEa3dGWmNNYk41WWM9' \
-d grant_type=client_credentials&scope=frmsc_safe_upload_api
eyJhbGciOiJSUzI1NiIsImtpZCI6IjBFNUMxNEU4OEIzRjFFMEFCNDlGNUIzMkU5NzNDMDQ0NkY0MjJDRURSUzI1NiIsInR5cCI6ImE0K2p3dCIsIng1dCI6IkRsd1U2SXNfSGdxMG4xc3k2WFBBUkc5Q0xPMCJ9.eyJuYmYiOjE3MDQ4NTQwNjksImV4cCI6MTcwNDg1NzY2OSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS1ldS5mcm1zYy5jb20iLCJhdWQiOiJmcm1zY19zYWZlX3VwbG9hZF9hcGkiLCJjbGllbnRfaWQiOiI1NDcxRTAxMC1EREVFLTRDOTgtRkY4Ri0wOERCMjI0NUUzNzIiLCJqdGkiOiIxN0ZBMjlDMEFFMkJDMTQ5QjJGQjAwNkFCQjYwNDU5RSIsImlhdCI6MTcwNDg1NDA2OSwic2NvcGUiOlsiZnJtc2Nfc2FmZV91cGxvYWRfYXBpIl19.X-OWtCzTNML0O5RwcoPOOBPx33lQEXvPy4LvauhVpzYto4XfKFTT19HtHGZByCeyexckq0VtIwNukRrBOdyQuqjSKzVDpVHLoUBj6C5VIheQC8qCHZYEyZhzum5d0qmlUejYbaXeja4_lBRLLp1pzQO6ERAYYyLkSa-L-bhtNl3EyabNf3PyiKJAfySc5R7z4yN32IGxLCeTcf8_fimASrRZNUz52ozRQiKbibYtC38yWNLpbjnNvg7u4aWQ7x41FyHKfPC7D9P7_4SBc3uqciLrYyYUoBHpdOF7OwvGXdC2sR9vhe2dAYGGKNTNH0OJQ1xFrXhripkItVEabhN_ag
SAFE Application API
We have not made any major changes to the /UploadRoster
endpoint payload. However, we have changed the base address of the Upload server to https://web-eu.frmsc.com
.
Moreover, to use the SAFE Application API endpoints, you must pass the response you received from calling the identity server in the Authorization
header.
You must pass Authorization
header starting with the word Bearer
followed by a space and token string. See below for format and example. If you are following the OAuth2.0 flow, the platform you are using should automatically do all these steps for you.
Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjBFNUMxNEU4OEIzRjFFMEFCNDlGNUIzMkU5NzNDMDQ0NkY0MjJDRURSUzI1NiIsInR5cCI6ImE0K2p3dCIsIng1dCI6IkRsd1U2SXNfSGdxMG4xc3k2WFBBUkc5Q0xPMCJ9.eyJuYmYiOjE3MDQ4NTQwNjksImV4cCI6MTcwNDg1NzY2OSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS1ldS5mcm1zYy5jb20iLCJhdWQiOiJmcm1zY19zYWZlX3VwbG9hZF9hcGkiLCJjbGllbnRfaWQiOiI1NDcxRTAxMC1EREVFLTRDOTgtRkY4Ri0wOERCMjI0NUUzNzIiLCJqdGkiOiIxN0ZBMjlDMEFFMkJDMTQ5QjJGQjAwNkFCQjYwNDU5RSIsImlhdCI6MTcwNDg1NDA2OSwic2NvcGUiOlsiZnJtc2Nfc2FmZV91cGxvYWRfYXBpIl19.X-OWtCzTNML0O5RwcoPOOBPx33lQEXvPy4LvauhVpzYto4XfKFTT19HtHGZByCeyexckq0VtIwNukRrBOdyQuqjSKzVDpVHLoUBj6C5VIheQC8qCHZYEyZhzum5d0qmlUejYbaXeja4_lBRLLp1pzQO6ERAYYyLkSa-L-bhtNl3EyabNf3PyiKJAfySc5R7z4yN32IGxLCeTcf8_fimASrRZNUz52ozRQiKbibYtC38yWNLpbjnNvg7u4aWQ7x41FyHKfPC7D9P7_4SBc3uqciLrYyYUoBHpdOF7OwvGXdC2sR9vhe2dAYGGKNTNH0OJQ1xFrXhripkItVEabhN_ag