Timebeans API Authentication


Timebeans offers a secure way for other applications to communicate with it. These communication channels are based on industry standards and follow security best practices. All Timebeans APIs are secured and can only be accessed after successful authentication. Timebeans offers multiple ways to authenticate users:

1. Authenticating via user-credentials

Timebeans users can provide user credentials in an API call to authenticate and get an access token. The following end-point accepts an email address and password in the request headers and returns a bearer token:

POST https://{{hostname}}/api/login

In the above end-point, "{{hostname}}" is the address of your Timebeans account/server. For example, if your Timebeans account is hosted on the Timebeans secure cloud, your hostname would be something like:

your-account.timebeans.com

On the other hand, if you are hosting Timebeans in-house on your own premises, the hostname would be something like:

timebeans-app.myserver.com

Header Values:

  • Email
  • Password
  • Content-Type (application/x-www-form-urlencoded)
  • Content-Length

Return Type:

A JSON object is returned with the bearer token as below:

{
   "access_token": "{{bearer_token}}",
   "token_type": "bearer"
}

The obtained bearer token can then be passed in the "Authorization" header in the below format along with each API call:

Bearer {{bearer_token}}


2. Authenticating via pre-generated access token

Timebeans users can pre-generate an access token in their Timebeans account by clicking the "Integrations" link at the top after logging in to Timebeans, or by using the link below:

https://{{hostname}}/integration/list

Once an access token is generated, it can be copied and passed to the following end-point (in a header) to obtain a bearer token:

POST https://{{hostname}}/api/login

Header Values:

  • AccessToken
  • Content-Type (application/x-www-form-urlencoded)
  • Content-Length

Return Type:

A JSON object is returned with the bearer token as below:

{
   "access_token": "{{bearer_token}}",
   "token_type": "bearer"
}

The obtained bearer token can then be passed in the "Authorization" header in the below format along with each API call:

Bearer {{bearer_token}}
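
The two header-based login methods above (sections 1 and 2), sketched as a small Python client. This is an added example, not Timebeans' own code; the function names, the empty request body and the sample response are assumptions made for illustration.

```python
import json
import urllib.request

# Constructed sample reply in the shape shown above (not a real token).
SAMPLE_RESPONSE = b'{"access_token": "example-token-123", "token_type": "bearer"}'

def login_request(hostname, email=None, password=None, access_token=None):
    """Return (url, headers) for POST /api/login without sending anything."""
    # Always build an https:// URL from a bare host name, so credentials
    # cannot be sent in cleartext or to a path/userinfo-confused address.
    if not hostname or any(c in hostname for c in "/\\@?# \t\r\n"):
        raise ValueError("hostname must be a bare host name")
    if access_token is not None:
        headers = {"AccessToken": access_token}             # method 2
    elif email is not None and password is not None:
        headers = {"Email": email, "Password": password}    # method 1
    else:
        raise ValueError("supply email and password, or access_token")
    for value in headers.values():
        if "\r" in value or "\n" in value:  # block header injection
            raise ValueError("credential contains a line break")
    headers["Content-Type"] = "application/x-www-form-urlencoded"
    headers["Content-Length"] = "0"  # assumption: the request body is empty
    return f"https://{hostname}/api/login", headers

def parse_token_response(body):
    """Validate the JSON reply and return the header for later API calls."""
    doc = json.loads(body)
    token = doc.get("access_token") if isinstance(doc, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("response has no access_token")
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    return {"Authorization": f"Bearer {token}"}

def login(hostname, **credentials):
    """Send the login request and return the Authorization header dict."""
    url, headers = login_request(hostname, **credentials)
    req = urllib.request.Request(url, data=b"", headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return parse_token_response(resp.read())
```

Load the password or pre-generated access token from a secret store or environment variable rather than hard-coding it, and keep the returned header out of logs.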


3. Authenticating via oAuth2

Timebeans also allows users to authenticate API requests using the industry-standard oAuth2 model. The oAuth2 clients must be pre-registered, and your Timebeans administrator must first enable oAuth2 before users can use it.

Step-1: Obtain oAuth2 Code

GET https://{{hostname}}/auth/code

Query String Parameters:

  • client_id
  • redirect_url

This will redirect the request to the "redirect_uri" address, and the "code" parameter in the query string will contain the access code.

Step-2: Obtain oAuth2 Token

GET https://{{hostname}}/auth/token

Query String Parameters:

  • client_id
  • redirect_url
  • code
  • client_secret

This will return a JSON object with the bearer token as below:

{
   "access_token": "{{bearer_token}}",
   "token_type": "bearer"
}

The obtained bearer token can then be passed in the "Authorization" header in the below format along with each API call:

Bearer {{bearer_token}}

Timebeans API

A full list of Timebeans API methods is available at this link:

Timebeans API Details