Access Token for API

I want to use download ( and upload ( functionality of the API but I can’t find the access token.

The following part from the documentation doesn’t lead to the desired result:

const parts = document.cookie.split('; ')
// parse application cookie
const appCookie = JSON.parse(window.decodeURIComponent(parts.filter(part => part.startsWith('calponia=')).pop().slice(9)))

If I only look at the “parts” result there is no access token in the array.

"", "calponia-instance=%7B%22id%22%3A%2255a77e58eb21c1614fdd85d43f455a1a%22%2C%22projectId%22%3A%22dab4dd80-b9da-11ea-8e44-5b0bb3880e01%22%2C%22appId%22%3A%22d9bdd1b0-b9db-11ea-84cf-ab6069dbbd3b%22%2C%22versionId%22%3A%22c93d5880-4ea2-4215-995e-6d9e18c6ef39%22%7D", "_xsrf=2|00c3e511|cafbd56e5e842753915bd9fb7d0edff9|1593426059"

What can I do to get the access token?

Welcome at the forum @c.thaemlitz :wave: ,

you no longer need to provide this token, when running your application of calponia.

For the development of your app, you can get a token from your cookies, when on calponia. The cookie is called calponia-token.

Thank you for Welcoming.

If I don’t provide a token at I get the message that I’m not authorized

{"error":{"status":401,"code":"NOT_AUTHORIZED","title":"No valid authorization provided","detail":"The request requires authorization, but a valid one was not provided."}}

In my cookies is no one called calponia-token. There are only calponia-user, calponia-instance and _xsrfif I open the application and only calponia-user if I’m using the platform.

Please use the dev-tools for obtain the cookie. It’s an HttpOnly-Cookie.

Thanks. Now I have found the access token in the cookie.

If it’s a HttpOnly-Cookie I cannot automatically read it via JavaScript. How can I automate the process of getting the cookie in order to avoid manual input?

You can’t - you need to wait for a fix on our site.

The workaround with the external urls ( and manually setting the access-token is just, that you can develop your application. When this is fixed, you can use the internal routes and there you don’t have to provide an access-token.


is this fixed, i.e. can we get the cookie/token from script/command line with curl from outside the calponia application, e.g. from a terminal?

I found this endpoint in the documentation, but did not manage to get a payload with a token (401 error).

Hi @emmanuel.roux,

yes, the given issue is fixed. You don’t need to provide any token, when accessing the API from inside of calponia.

To answer your quesiton, we need to know what kind of token you need or what usecaes you want to achieve. Until then I can only proide you general information. You can find information about the tokens here.

Please create a own topic, if you need more information as your request does not match the topic here (outside vs inside)