Access Tokens
Overview
The HYPR Control Center exposes an extensive set of APIs which use access tokens as an authentication and authorization mechanism.
API access tokens can be created and revoked by Control Center admin users as described below. Tokens have an expiration period (TTL) of 30 days. The expiration date is reset to the current date+TTL each time you use the token, so if you don't use the token for more than 30 days it will expire and you'll need to generate a new one.
Note
Every token is bound to a specific RP Application. Any operation within the RP Application is allowed in the presence of a valid token.
Create Access Token
- Click Access Tokens in the selected RP application left menu, then click Generate Token.

- In the pop-up box, provide a token name. When finished, click Create Token.

Note
Choosing a unique name for an access token helps avoid confusion.
- This step provides the option for the admin to copy the generated access token. This is a one-time action as the admin will not see the tokens beyond this dialog. Click Done when finished.

- The following table displays:
Field Name | Description |
---|---|
Token Name | Name of the token |
Date Created | Date of creation |
Last Used | Last used by the clients for registration/authentication and de-registration |
Delete | Delete the token |

Use the Access Token
An access token is provided on every request to the HYPR API HTTP endpoint. The request will fail if the token is missing or does not have permissions for the requested operation. The request will also fail if the token has expired, been revoked, or is invalid.
The access token must be sent in the Authorization header using the Bearer schema.
Here is an example of how to pass an access token using the cURL command. In the following example the access token is 7c839b65-9d28-4037-afc6-993fc5595cbf
curl https://staging1.gethypr.com/cc/api/stats/authenticator/logins \
-H 'Authorization: Bearer 7c839b65-9d28-4037-afc6-993fc5595cbf'
Access Tokens in HYPR Java SDK
The following commands are examples to show how access tokens can be used in Java SDK:
//Registration
java -jar java-client-<version>.jar REGISTER https://<your_hypr_server_url>.com <api_access_token> highlandsBank username
//Authentication
java -jar java-client-<version>.jar AUTHENTICATE https://<your_hypr_server_url>.com <api_access_token> highlandsBank username
//Transaction
java -jar java-client-<version>.jar TRANSACTION https://<your_hypr_server_url>.com <api_access_token> highlandsBank username actionId transactionType transactionText
Registration
Navigate to the folder where the Java SDK package is downloaded (or placed). To register the username, use the command below:
java -jar java-client-<version>.jar REGISTER https://<your_hypr_server_url>.com <api_access_token> highlandsBank username
For example: java -jar java-client-3.8.0-20200117.161944-11.jar REGISTER https://awsdevelop1.biometric.software 001fc0cf-0703-fb7d-ad44-07c7e3334bcb highlandsBank 20feb@droid1
Note
The access token has to be generated in the Control Center’s 'Access Tokens Section' for the respective app which is being tested, e.g. https://awsdevelop1.biometric.software/cc/app/highlandsBank/accessTokens
A QR code will be generated in your HOME directory.

QR code file:

Authentication
To authenticate the registered username (which can be an e-mail address) use the following command:
java -jar java-client-<version>.jar AUTHENTICATE https://<your_hypr_server_url>.com <api_access_token> highlandsBank username
For example: java -jar java-client-3.8.0-20200117.161944-11.jar AUTHENTICATE https://awsdevelop1.biometric.software 001fc0cf-0703-fb7d-ad44-07c7e3334bcb highlandsBank 20feb@droid1
A PUSH notification is generated and the user accepts. After a successful authentication with HYPR, the user is granted access.
Transaction
To post a transaction on the registered username, use the command shown below:
java -jar java-client-<version>.jar TRANSACTION https://<your_hypr_server_url>.com <api_access_token> highlandsBank username actionId transactionType transactionText
For example: java -jar java-client-3.8.0-20200117.161944-11.jar TRANSACTION https://awsdevelop1.biometric.software 001fc0cf-0703-fb7d-ad44-07c7e3334bcb highlandsBank 20feb@droid1 completeMediumTransaction Wire $500
actionId: Policy name
transactionType & transactionText: Enter custom text
Updated 10 months ago