1. TrackTik Help Center
  2. Developer Tools
  3. API Introduction

Media Tokens and Rich Media

Updated

REST APIs that use JSON in payloads suggest that the only data available is text based, but there are often URLs pointing to rich media content (like images) that you might want to be able to download as well. 

Since all of TrackTik's data is protected behind encryption tunnels and access tokens, there needs to be a means to grant permission to rich media for downloading while protecting this. 

One approach is to leverage the header of HTTP requests to direct URIs of files (PDFs, images) by adding an Authorization : Bearer xxxxxxxx key:value pair. But this requires you to be in a header shaping execution context. You can't just embed a URI to an image in an HTML document and expect it to be accessible, without header shaping.

So a second approach was also implemented, that of a Media Token that you can add to URIs to enable HTTP requests to protected cloud hosted files as a parameter.  

When you request an OAuth 2 access token for using the TrackTik API, the response includes both the token and the media token, so you can decide what you need and which approach to take:

{
	"id_token":"eyJ0eXAi......",
	"media_token":"23367f204.......",        <=========
	"token_type":"Bearer",
	"expires_in":3599,
	"access_token":"eyJ0eXAiO........",      <=========
	"refresh_token":"def50200........"
}

A Media Token Authenticated URI Request

To use the mediaToken with a URI, you add it to the end as a parameter.

[GET] /clients?sort=-id

{
  "company": "Mid State Fair",
  "customId": "766",
  "firstName": "",
  "lastName": "",
  "jobTitle": "",
  "primaryPhone": "",
  "secondaryPhone": "",
  "type": "CLIENT",
  "region": 7,
  "status": "ACTIVE",
  "address": 1481,
  "email": "",
  "closedDate": null,
  "id": 766,
=>"avatar": "https://innovation.staffr.net/rest/v1/avatar/clients/766/07035a44ac2af23a3780bbf806f79222"
        }

The Avatar URI of this Client is https://innovation.staffr.net/rest/v1/avatar/clients/766/07035a44ac2af23a3780bbf806f79222

To access this with another HTTP Agent, you append ?mediaToken=xxxxxx

E.g.

https://innovation.staffr.net/rest/v1/avatar/clients/766/07035a44ac2af23a3780bbf806f79222?mediaToken=23367f204.......

 

 

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more