You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by sn...@apache.org on 2015/08/12 19:14:03 UTC
[08/60] [abbrv] incubator-usergrid git commit: cherry picking docs
from master
http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/4a92ab09/content/docs/security-and-auth/authenticating-users-and-application-clients.html
----------------------------------------------------------------------
diff --git a/content/docs/security-and-auth/authenticating-users-and-application-clients.html b/content/docs/security-and-auth/authenticating-users-and-application-clients.html
new file mode 100644
index 0000000..7e1348f
--- /dev/null
+++ b/content/docs/security-and-auth/authenticating-users-and-application-clients.html
@@ -0,0 +1,528 @@
+
+
+<!DOCTYPE html>
+<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
+<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
+<head>
+ <meta charset="utf-8">
+
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+ <title>Authenticating users & app clients — Apache Usergrid 1.0 documentation</title>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
+
+
+
+
+
+ <link rel="top" title="Apache Usergrid 1.0 documentation" href="../index.html"/>
+ <link rel="next" title="Authentication levels" href="user-authentication-types.html"/>
+ <link rel="prev" title="Using permissions" href="using-permissions.html"/>
+
+
+ <script src="../_static/js/modernizr.min.js"></script>
+
+</head>
+
+<body class="wy-body-for-nav" role="document">
+
+ <div class="wy-grid-for-nav">
+
+
+ <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+ <div class="wy-side-nav-search">
+
+
+
+ <a href="../index.html" class="icon icon-home"> Apache Usergrid
+
+
+
+ </a>
+
+
+
+
+ <div class="version">
+ 1.0
+ </div>
+
+
+
+
+<div role="search">
+ <form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
+ <input type="text" name="q" placeholder="Search docs" />
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+
+
+ </div>
+
+ <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
+
+
+
+ <p class="caption"><span class="caption-text">Introduction</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Getting Started</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Storage</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/data-store-dbms.html">The Usergrid Data Store</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/optimizing-access.html">Data Store Best Practices</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/collections.html">Collections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/entities.html">Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Queries</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/querying-your-data.html">Querying your data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/query-parameters.html">Query parameters & clauses</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/operators-and-types.html">Query operators & data types</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/advanced-query-usage.html">Advanced query usage</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Entity Connections</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/connecting-entities.html">Connecting entities</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/retrieving-entities.html">Retrieving connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/disconnecting-entities.html">Disconnecting entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Security & Authentication</span></p>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li>
+<li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="">Authenticating users & app clients</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#authentication-levels">Authentication levels</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#application-user-authentication-user-login">Application user authentication (user login)</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#using-the-sdks">Using the SDKs</a><ul>
+<li class="toctree-l4"><a class="reference internal" href="#request-syntax">Request syntax</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#example-request">Example request</a></li>
+<li class="toctree-l4"><a class="reference internal" href="#example-response">Example response</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#application-client-authentication">Application client authentication</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#id1">Request syntax</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id2">Example request</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id3">Example response</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#admin-user-authentication">Admin user authentication</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#id4">Request syntax</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id5">Example Request</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id6">Example response</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#organization-client-authentication">Organization client authentication</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#id7">Request syntax</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id8">Example request</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#id9">Example response</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li>
+<li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li>
+<li class="toctree-l1"><a class="reference internal" href="authenticating-api-requests.html">Authenticating API requests</a></li>
+<li class="toctree-l1"><a class="reference internal" href="revoking-tokens-logout.html">Revoking tokens (logout)</a></li>
+<li class="toctree-l1"><a class="reference internal" href="facebook-sign.html">Facebook sign in</a></li>
+<li class="toctree-l1"><a class="reference internal" href="securing-your-app.html">Security best practices</a></li>
+</ul>
+<p class="caption"><span class="caption-text">User Management & Social Graph</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-management.html">User management & social graph</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/working-user-data.html">Working with User Data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/group.html">Working with group data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/activity.html">Activity</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html">Social Graph Connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html#creating-other-connections">Creating other connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/messagee-example.html">App Example - Messagee</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Geo-location</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../geolocation/geolocation.html">Geolocating your Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Assets & Files</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Counters & Events</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/events-and-counters.html">Counters & events</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html">Creating & incrementing counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#decrementing-resetting-counters">Decrementing/resetting counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#using-counters-hierarchically">Using counters hierarchically</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/retrieving-counters.html">Retrieving counters</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Organizations & Applications</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li>
+</ul>
+<p class="caption"><span class="caption-text">API Reference</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html">Methods</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html#models">Models</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Client SDKs</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../sdks/tbd.html">COMING SOON...</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Installing the Stack</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-deploy-to-tomcat.html">Usegrid 1: Deploying to Tomcat</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-launcher-quick-start.html">Usegrid 1: Launcher Quick-start</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug2-deploy-to-tomcat.html">Usergrid 2: Deploy to Tomcat</a></li>
+</ul>
+<p class="caption"><span class="caption-text">More about Usergrid</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../reference/presos-and-videos.html">Presentations & Videos</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../reference/contribute-code.html">How to Contribute Code & Docs</a></li>
+</ul>
+
+
+
+ </div>
+
+ </nav>
+
+ <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
+
+
+ <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
+ <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+ <a href="../index.html">Apache Usergrid</a>
+ </nav>
+
+
+
+ <div class="wy-nav-content">
+ <div class="rst-content">
+ <div role="navigation" aria-label="breadcrumbs navigation">
+ <ul class="wy-breadcrumbs">
+ <li><a href="../index.html">Docs</a> »</li>
+
+ <li>Authenticating users & app clients</li>
+ <li class="wy-breadcrumbs-aside">
+
+
+ <a href="../_sources/security-and-auth/authenticating-users-and-application-clients.txt" rel="nofollow"> View page source</a>
+
+
+ </li>
+ </ul>
+ <hr/>
+</div>
+ <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+ <div itemprop="articleBody">
+
+ <div class="section" id="authenticating-users-app-clients">
+<h1>Authenticating users & app clients<a class="headerlink" href="#authenticating-users-app-clients" title="Permalink to this headline">¶</a></h1>
+<p>To protect your Usergrid application data, one of the steps you’ll take
+is to authenticate your app’s users. By ensuring that they are who they
+say they are, you can help ensure that your application’s data is
+available in secure ways. After you’ve created permission rules that
+define access to your application and have associated these rules with
+users, you’ll want to add code that authenticates your user, as
+described in this topic.</p>
+<div class="admonition note"> <p class="first admonition-title"><p>Note</p>
+ </p> <p class="last">
+
+
+You manage access to your application's data by creating permission<p>rules that govern which users can do what. Users authenticated as
+Application User have access according to these rules. For more about
+managing permissions, see <a class="reference external" href="using-permissions.html">Using
+Permissions</a>.</p>
+</p></div><div class="section" id="authentication-levels">
+<h2>Authentication levels<a class="headerlink" href="#authentication-levels" title="Permalink to this headline">¶</a></h2>
+<p>Usergrid supports four levels of authentication:</p>
+<ul class="simple">
+<li><strong>Application user</strong>: Grant’s user access to an API Services
+application, based on the roles and permissions assigned to the user.</li>
+<li><strong>Application client</strong>: Grants full access to perform API requests
+against an API Services application.</li>
+<li><strong>Organization client</strong>: Grants full access to perform API requests
+against an API Services organization.</li>
+<li><strong>Admin user</strong>: Grants full access to perform API requests against
+any API Services organization that the user is an admin of.</li>
+</ul>
+<p>Because the scope of access provided by the application client,
+organization client, and admin user authentication levels is so broad
+(and as a result, so powerful), it’s a bad practice to use them from a
+mobile app or any client-side code. Instead, they’re better suited to
+server-side implementations, such as web applications.</p>
+<p>For a more detailed description of available authentication levels, see
+<a class="reference external" href="user-authentication-types.html">Authentication levels</a>.</p>
+</div>
+<div class="section" id="application-user-authentication-user-login">
+<h2>Application user authentication (user login)<a class="headerlink" href="#application-user-authentication-user-login" title="Permalink to this headline">¶</a></h2>
+<p>Using the username and password values specified when the user entity
+was created, your app can connect to the Usergrid application endpoint
+to request an access token. It’s also acceptable to use the user’s email
+address in place of the username.</p>
+<div class="section" id="using-the-sdks">
+<h3>Using the SDKs<a class="headerlink" href="#using-the-sdks" title="Permalink to this headline">¶</a></h3>
+<p>When a user is logged in using the Usergrid iOS, JavaScript, node.JS and
+Android SDKs, the returned token is automatically stored in the
+UsergridDataClient (iOS), DataClient (Android), or Usergrid.Client
+(JavaScript/node.JS) class instance, and will be sent to the API with
+all subsequent method calls.</p>
+<div class="section" id="request-syntax">
+<h4>Request syntax<a class="headerlink" href="#request-syntax" title="Permalink to this headline">¶</a></h4>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/<orgName>/<appName>/token" -d '{"grant_type":"password", "username":<username>, "password":<password>}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="example-request">
+<h4>Example request<a class="headerlink" href="#example-request" title="Permalink to this headline">¶</a></h4>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/my-org/my-app/token" -d '{"grant_type":"password", "username":"john.doe", "password":"testpw"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="example-response">
+<h4>Example response<a class="headerlink" href="#example-response" title="Permalink to this headline">¶</a></h4>
+<p>The results include the access token needed to make subsequent API
+requests on behalf of the application user:</p>
+<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
+<span class="s">"access_token"</span><span class="p">:</span> <span class="s">"5wuGd-lcEeCUBwBQVsAACA:F8zeMOlcEeCUBwBQVsAACA:YXU6AAABMq0hdy4"</span><span class="p">,</span>
+<span class="s">"expires_in"</span><span class="p">:</span> <span class="mi">3600</span><span class="p">,</span>
+ <span class="s">"user"</span><span class="p">:</span> <span class="p">{</span>
+ <span class="o">...</span>
+ <span class="p">}</span>
+<span class="p">}</span>
+</pre></div>
+</div>
+</div>
+</div>
+</div>
+<div class="section" id="application-client-authentication">
+<h2>Application client authentication<a class="headerlink" href="#application-client-authentication" title="Permalink to this headline">¶</a></h2>
+<p>Using your app’s client id and client secret values, your app can
+connect to the Usergrid application endpoint to request an access token.
+The client ID and secret for your app can be found in ‘Getting Started’
+section of the API Services admin portal, under ‘Server App
+Credentials’.</p>
+<div class="admonition warning"> <p class="first admonition-title"><p>WARNING</p>
+ </p> <p class="last">
+
+
+Warning: You should never authenticate this way from a client-side app<p>such as a mobile app. A hacker could analyze your app and extract the
+credentials for malicious use even if those credentials are compiled and
+in binary format. See “safe mobile access” in <a class="reference external" href="authenticating-api-requests.html">Authenticating API
+requests</a> for additional
+considerations in keeping access to your app and its data secure.</p>
+</p></div><div class="section" id="id1">
+<h3>Request syntax<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/<orgName>/<appName>/token" -d '{"grant_type":"client_credentials", "client_id":<application_clientID>, "client_secret":"<application_client_secret>"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id2">
+<h3>Example request<a class="headerlink" href="#id2" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/my-org/my-app/token" -d '{"grant_type":"client_credentials", "client_id":"YXB7NAD7EM0MEeJ989xIxPRxEkQ", "client_secret":"YXB7NAUtV9krhhMr8YCw0QbOZH2pxEf"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id3">
+<h3>Example response<a class="headerlink" href="#id3" title="Permalink to this headline">¶</a></h3>
+<p>The results include the access token needed to make subsequent API
+requests on behalf of the application:</p>
+<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
+ <span class="s">"access_token"</span><span class="p">:</span> <span class="s">"F8zeMOlcEeCUBwBQVsAACA:YXA6AAABMq0d4Mep_UgbZA0-sOJRe5yWlkq7JrDCkA"</span><span class="p">,</span>
+ <span class="s">"expires_in"</span><span class="p">:</span> <span class="mi">3600</span><span class="p">,</span>
+ <span class="s">"application"</span><span class="p">:</span> <span class="p">{</span>
+ <span class="o">...</span>
+ <span class="p">}</span>
+<span class="p">}</span>
+</pre></div>
+</div>
+</div>
+</div>
+<div class="section" id="admin-user-authentication">
+<h2>Admin user authentication<a class="headerlink" href="#admin-user-authentication" title="Permalink to this headline">¶</a></h2>
+<p>If you do require admin user access, your app can connect to the
+Usergrid management endpoint to request an access token. Your app
+supplies the username and password of an admin user in the request.</p>
+<div class="admonition warning"> <p class="first admonition-title"><p>WARNING</p>
+ </p> <p class="last">
+
+
+Warning: Authenticating as an admin user grants full access to one or<p>more organizations and all of the applications contained in those
+organizations. Due to this, be cautious when implementing this type of
+authentication in client-side code. Instead, consider implementing admin
+user access in server-side code only. See “safe mobile access” in
+<a class="reference external" href="authenticating-api-requests.html">Authenticating API requests</a> for
+additional considerations in keeping access to your app and its data
+secure.</p>
+</p></div><div class="section" id="id4">
+<h3>Request syntax<a class="headerlink" href="#id4" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/management/token" -d '{"grant_type":"password", "username":<admin_username>, "password":<admin_password>}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id5">
+<h3>Example Request<a class="headerlink" href="#id5" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/management/token" -d '{"grant_type":"password", "username":"testadmin", "password":"testadminpw"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id6">
+<h3>Example response<a class="headerlink" href="#id6" title="Permalink to this headline">¶</a></h3>
+<p>The results include the access token needed to make subsequent API
+requests on behalf of the admin user:</p>
+<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
+ <span class="s">"access_token"</span><span class="p">:</span> <span class="s">"f_GUbelXEeCfRgBQVsAACA:YWQ6AAABMqz_xUyYeErOkKjnzN7YQXXlpgmL69fvaA"</span><span class="p">,</span>
+ <span class="s">"expires_in"</span><span class="p">:</span> <span class="mi">3600</span><span class="p">,</span>
+ <span class="s">"user"</span><span class="p">:</span> <span class="p">{</span>
+ <span class="o">...</span>
+ <span class="p">}</span>
+<span class="p">}</span>
+</pre></div>
+</div>
+</div>
+</div>
+<div class="section" id="organization-client-authentication">
+<h2>Organization client authentication<a class="headerlink" href="#organization-client-authentication" title="Permalink to this headline">¶</a></h2>
+<p>If you do require organization level access, your app can connect to the
+Usergrid management endpoint to request an access token. Access to an
+organization requires the client id and client secret credentials. The
+client ID and secret for your organization can be found on the ‘Org
+Administration’ page of the API Services admin console under
+‘Organization API Credentials’.</p>
+<div class="admonition warning"> <p class="first admonition-title"><p>WARNING</p>
+ </p> <p class="last">
+
+
+Warning: You should never authenticate this way from a client-side app<p>such as a mobile app. A hacker could analyze your app and extract the
+credentials for malicious use even if those credentials are compiled and
+in binary format. See “safe mobile access” in [Authenticating API
+requests](authenticating-api-requests.html for additional considerations
+in keeping access to your app and its data secure.</p>
+</p></div><div class="section" id="id7">
+<h3>Request syntax<a class="headerlink" href="#id7" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/management/token" -d '{"grant_type":"client_credentials", "client_id":<org_clientID>, "client_secret":<org_client_secret>}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id8">
+<h3>Example request<a class="headerlink" href="#id8" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST "https://api.usergrid.com/management/token" -d '{"grant_type":"client_credentials", "client_id":"YXB7NAD7EM0MEeJ989xIxPRxEkQ", "client_secret":"YXB7NAUtV9krhhMr8YCw0QbOZH2pxEf"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="id9">
+<h3>Example response<a class="headerlink" href="#id9" title="Permalink to this headline">¶</a></h3>
+<p>The results include the access token needed to make subsequent API
+requests to the organization:</p>
+<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
+ <span class="s">"access_token"</span><span class="p">:</span> <span class="s">"gAuFEOlXEeCfRgBQVsAACA:b3U6AAABMqz-Cn0wtDxxkxmQLgZvTMubcP20FulCZQ"</span><span class="p">,</span>
+ <span class="s">"expires_in"</span><span class="p">:</span> <span class="mi">3600</span><span class="p">,</span>
+ <span class="s">"organization"</span><span class="p">:</span> <span class="p">{</span>
+ <span class="o">...</span>
+ <span class="p">}</span>
+<span class="p">}</span>
+</pre></div>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ <footer>
+
+ <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
+
+ <a href="user-authentication-types.html" class="btn btn-neutral float-right" title="Authentication levels" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
+
+
+ <a href="using-permissions.html" class="btn btn-neutral" title="Using permissions" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
+
+ </div>
+
+
+ <hr/>
+
+ <div role="contentinfo">
+ <p>
+ © Copyright 2013-2015, Apache Usergrid.
+
+ </p>
+ </div>
+ Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
+
+</footer>
+
+ </div>
+ </div>
+
+ </section>
+
+ </div>
+
+
+
+
+
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT:'../',
+ VERSION:'1.0',
+ COLLAPSE_INDEX:false,
+ FILE_SUFFIX:'.html',
+ HAS_SOURCE: true
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+
+
+
+
+
+ <script type="text/javascript" src="../_static/js/theme.js"></script>
+
+
+
+
+ <script type="text/javascript">
+ jQuery(function () {
+ SphinxRtdTheme.StickyNav.enable();
+ });
+ </script>
+
+
+</body>
+</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/4a92ab09/content/docs/security-and-auth/changing-token-time-live-ttl.html
----------------------------------------------------------------------
diff --git a/content/docs/security-and-auth/changing-token-time-live-ttl.html b/content/docs/security-and-auth/changing-token-time-live-ttl.html
new file mode 100644
index 0000000..bacf227
--- /dev/null
+++ b/content/docs/security-and-auth/changing-token-time-live-ttl.html
@@ -0,0 +1,389 @@
+
+
+<!DOCTYPE html>
+<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
+<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
+<head>
+ <meta charset="utf-8">
+
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+ <title>Changing token expiration (time-to-live) — Apache Usergrid 1.0 documentation</title>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
+
+
+
+
+
+ <link rel="top" title="Apache Usergrid 1.0 documentation" href="../index.html"/>
+ <link rel="next" title="Authenticating API requests" href="authenticating-api-requests.html"/>
+ <link rel="prev" title="Authentication levels" href="user-authentication-types.html"/>
+
+
+ <script src="../_static/js/modernizr.min.js"></script>
+
+</head>
+
+<body class="wy-body-for-nav" role="document">
+
+ <div class="wy-grid-for-nav">
+
+
+ <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+ <div class="wy-side-nav-search">
+
+
+
+ <a href="../index.html" class="icon icon-home"> Apache Usergrid
+
+
+
+ </a>
+
+
+
+
+ <div class="version">
+ 1.0
+ </div>
+
+
+
+
+<div role="search">
+ <form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
+ <input type="text" name="q" placeholder="Search docs" />
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+
+
+ </div>
+
+ <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
+
+
+
+ <p class="caption"><span class="caption-text">Introduction</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Getting Started</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Storage</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/data-store-dbms.html">The Usergrid Data Store</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/optimizing-access.html">Data Store Best Practices</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/collections.html">Collections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/entities.html">Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Queries</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/querying-your-data.html">Querying your data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/query-parameters.html">Query parameters & clauses</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/operators-and-types.html">Query operators & data types</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/advanced-query-usage.html">Advanced query usage</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Entity Connections</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/connecting-entities.html">Connecting entities</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/retrieving-entities.html">Retrieving connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/disconnecting-entities.html">Disconnecting entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Security & Authentication</span></p>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li>
+<li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li>
+<li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="">Changing token expiration (time-to-live)</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#default-ttl">Default ttl</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#changing-the-default-ttl">Changing the default ttl</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#request-syntax">Request syntax</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#example-request">Example Request</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#example-response">Example response</a></li>
+</ul>
+</li>
+<li class="toctree-l2"><a class="reference internal" href="#changing-ttl-when-a-token-is-created">Changing ttl when a token is created</a></li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="authenticating-api-requests.html">Authenticating API requests</a></li>
+<li class="toctree-l1"><a class="reference internal" href="revoking-tokens-logout.html">Revoking tokens (logout)</a></li>
+<li class="toctree-l1"><a class="reference internal" href="facebook-sign.html">Facebook sign in</a></li>
+<li class="toctree-l1"><a class="reference internal" href="securing-your-app.html">Security best practices</a></li>
+</ul>
+<p class="caption"><span class="caption-text">User Management & Social Graph</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-management.html">User management & social graph</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/working-user-data.html">Working with User Data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/group.html">Working with group data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/activity.html">Activity</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html">Social Graph Connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html#creating-other-connections">Creating other connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/messagee-example.html">App Example - Messagee</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Geo-location</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../geolocation/geolocation.html">Geolocating your Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Assets & Files</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Counters & Events</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/events-and-counters.html">Counters & events</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html">Creating & incrementing counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#decrementing-resetting-counters">Decrementing/resetting counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#using-counters-hierarchically">Using counters hierarchically</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/retrieving-counters.html">Retrieving counters</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Organizations & Applications</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li>
+</ul>
+<p class="caption"><span class="caption-text">API Reference</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html">Methods</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html#models">Models</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Client SDKs</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../sdks/tbd.html">COMING SOON...</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Installing the Stack</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-deploy-to-tomcat.html">Usegrid 1: Deploying to Tomcat</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-launcher-quick-start.html">Usegrid 1: Launcher Quick-start</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug2-deploy-to-tomcat.html">Usergrid 2: Deploy to Tomcat</a></li>
+</ul>
+<p class="caption"><span class="caption-text">More about Usergrid</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../reference/presos-and-videos.html">Presentations & Videos</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../reference/contribute-code.html">How to Contribute Code & Docs</a></li>
+</ul>
+
+
+
+ </div>
+
+ </nav>
+
+ <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
+
+
+ <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
+ <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+ <a href="../index.html">Apache Usergrid</a>
+ </nav>
+
+
+
+ <div class="wy-nav-content">
+ <div class="rst-content">
+ <div role="navigation" aria-label="breadcrumbs navigation">
+ <ul class="wy-breadcrumbs">
+ <li><a href="../index.html">Docs</a> »</li>
+
+ <li>Changing token expiration (time-to-live)</li>
+ <li class="wy-breadcrumbs-aside">
+
+
+ <a href="../_sources/security-and-auth/changing-token-time-live-ttl.txt" rel="nofollow"> View page source</a>
+
+
+ </li>
+ </ul>
+ <hr/>
+</div>
+ <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+ <div itemprop="articleBody">
+
+ <div class="section" id="changing-token-expiration-time-to-live">
+<h1>Changing token expiration (time-to-live)<a class="headerlink" href="#changing-token-expiration-time-to-live" title="Permalink to this headline">¶</a></h1>
+<p>An access token has a “time-to-live” (ttl), which is the maximum time
+that the access token will be valid for use within the application. With
+the Usergrid, you can change the default ttl for all application user
+tokens, set the ttl for an individual token at the time of creation, or
+revoke one or more tokens. This gives you a high degree of control over
+access to your Usergrid account and data store.</p>
+<div class="section" id="default-ttl">
+<h2>Default ttl<a class="headerlink" href="#default-ttl" title="Permalink to this headline">¶</a></h2>
+<p>By default, all tokens have a system-defined time-to-live of 7 days
+(604800 seconds). Note that Token ttl is specified in milliseconds, but
+when a token is created, the API response will return the ttl in
+seconds.</p>
+</div>
+<div class="section" id="changing-the-default-ttl">
+<h2>Changing the default ttl<a class="headerlink" href="#changing-the-default-ttl" title="Permalink to this headline">¶</a></h2>
+<p>You can change the default ttl for all application user tokens (that is,
+tokens associated with a user entity) by updating the application
+entity’s accesstokenttl property. Changing the default ttl will only
+affect new tokens. Any existing tokens will not be affected.</p>
+<p>Please note that this does not apply to application client, organization
+client or admin user tokens. For more on obtaining tokens for these
+other authorization levels, see <a class="reference external" href="authenticating-users-and-application-clients.html">Authenticating users and application
+clients</a>.</p>
+<p><strong>Note</strong>: If you set ttl=0, the token will never expire. This can pose a
+security risk and should be used with caution.</p>
+<div class="section" id="request-syntax">
+<h3>Request syntax<a class="headerlink" href="#request-syntax" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X PUT https://api.usergrid.com/<org_name>/<app_name> -d '{"accesstokenttl":<ttl_in_milliseconds>}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="example-request">
+<h3>Example Request<a class="headerlink" href="#example-request" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre>curl -X PUT https://api.usergrid.com/your-org/your-app -d '{"accesstokenttl":"1800000"}'
+</pre></div>
+</div>
+</div>
+<div class="section" id="example-response">
+<h3>Example response<a class="headerlink" href="#example-response" title="Permalink to this headline">¶</a></h3>
+<div class="highlight-python"><div class="highlight"><pre><span class="p">{</span>
+ <span class="s">"action"</span> <span class="p">:</span> <span class="s">"put"</span><span class="p">,</span>
+ <span class="s">"application"</span> <span class="p">:</span> <span class="s">"d878de4r-99a7-11e3-b31d-5373d7165c2d"</span><span class="p">,</span>
+ <span class="s">"params"</span> <span class="p">:</span> <span class="p">{</span>
+ <span class="s">"access_token"</span> <span class="p">:</span> <span class="p">[</span> <span class="s">"DFR4d5M1mJmoEeOGVPncm-g9qgAAAURv_lfQ7uu6aYHjJJn7QCrGoVnvU-ob5Ko"</span> <span class="p">]</span>
+ <span class="p">},</span>
+ <span class="s">"uri"</span> <span class="p">:</span> <span class="s">"https://api.usergrid.com/amuramoto/secured"</span><span class="p">,</span>
+ <span class="s">"entities"</span> <span class="p">:</span> <span class="p">[</span> <span class="p">{</span>
+ <span class="s">"uuid"</span> <span class="p">:</span> <span class="s">"d878de4r-99a7-11e3-b31d-5373d7165c2d"</span><span class="p">,</span>
+ <span class="s">"type"</span> <span class="p">:</span> <span class="s">"application"</span><span class="p">,</span>
+ <span class="s">"name"</span> <span class="p">:</span> <span class="s">"your-org/your-app"</span><span class="p">,</span>
+ <span class="s">"created"</span> <span class="p">:</span> <span class="mi">1392843003032</span><span class="p">,</span>
+ <span class="s">"modified"</span> <span class="p">:</span> <span class="mi">1392843615777</span><span class="p">,</span>
+ <span class="s">"accesstokenttl"</span> <span class="p">:</span> <span class="mi">1800000</span><span class="p">,</span>
+ <span class="s">"organizationName"</span> <span class="p">:</span> <span class="s">"your-org"</span><span class="p">,</span>
+ <span class="s">"applicationName"</span> <span class="p">:</span> <span class="s">"your-app"</span><span class="p">,</span>
+ <span class="s">"apigeeMobileConfig"</span> <span class="p">:</span> <span class="s">"{...}"</span><span class="p">,</span>
+ <span class="s">"metadata"</span> <span class="p">:</span> <span class="p">{</span>
+ <span class="s">"collections"</span> <span class="p">:</span> <span class="p">[</span> <span class="s">"activities"</span><span class="p">,</span> <span class="s">"assets"</span><span class="p">,</span> <span class="s">"devices"</span><span class="p">,</span> <span class="s">"events"</span><span class="p">,</span> <span class="s">"folders"</span><span class="p">,</span> <span class="s">"groups"</span><span class="p">,</span> <span class="s">"roles"</span><span class="p">,</span> <span class="s">"users"</span> <span class="p">]</span>
+ <span class="p">}</span>
+ <span class="p">}</span> <span class="p">],</span>
+ <span class="s">"timestamp"</span> <span class="p">:</span> <span class="mi">1392843615767</span><span class="p">,</span>
+ <span class="s">"duration"</span> <span class="p">:</span> <span class="mi">28</span><span class="p">,</span>
+ <span class="s">"organization"</span> <span class="p">:</span> <span class="s">"your-org"</span><span class="p">,</span>
+ <span class="s">"applicationName"</span> <span class="p">:</span> <span class="s">"your-app"</span>
+<span class="p">}</span>
+</pre></div>
+</div>
+</div>
+</div>
+<div class="section" id="changing-ttl-when-a-token-is-created">
+<h2>Changing ttl when a token is created<a class="headerlink" href="#changing-ttl-when-a-token-is-created" title="Permalink to this headline">¶</a></h2>
+<p>When you request an access token, you can override its ttl by including
+a ttl property in the body of the request when the token is created.
+This applies to tokens for all authentication levels, including
+application user, admin user, organization client, and application
+client authentication levels.</p>
+<p>The ttl must be equal to or less than the value of the application
+entity’s accesstokenttl property. If you specify a ttl value greater
+than the value of accesstokenttl, an error message is returned that
+indicates the maximum time to live value that can be specified.</p>
+<p>For example, the following would create an application user token with a
+ttl of 180000000 milliseconds:</p>
+<div class="highlight-python"><div class="highlight"><pre>curl -X POST https://api.usergrid.com/your-org/your-app/token -d '{"username":"someUser", "password":"somePassword", "grant_type":"password", "ttl":"180000000"}'
+</pre></div>
+</div>
+<p><strong>Note</strong>: If you set ttl=0, the token will never expire. This can pose a
+security risk and should be used with caution.</p>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ <footer>
+
+ <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
+
+ <a href="authenticating-api-requests.html" class="btn btn-neutral float-right" title="Authenticating API requests" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
+
+
+ <a href="user-authentication-types.html" class="btn btn-neutral" title="Authentication levels" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
+
+ </div>
+
+
+ <hr/>
+
+ <div role="contentinfo">
+ <p>
+ © Copyright 2013-2015, Apache Usergrid.
+
+ </p>
+ </div>
+ Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
+
+</footer>
+
+ </div>
+ </div>
+
+ </section>
+
+ </div>
+
+
+
+
+
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT:'../',
+ VERSION:'1.0',
+ COLLAPSE_INDEX:false,
+ FILE_SUFFIX:'.html',
+ HAS_SOURCE: true
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+
+
+
+
+
+ <script type="text/javascript" src="../_static/js/theme.js"></script>
+
+
+
+
+ <script type="text/javascript">
+ jQuery(function () {
+ SphinxRtdTheme.StickyNav.enable();
+ });
+ </script>
+
+
+</body>
+</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/4a92ab09/content/docs/security-and-auth/facebook-sign.html
----------------------------------------------------------------------
diff --git a/content/docs/security-and-auth/facebook-sign.html b/content/docs/security-and-auth/facebook-sign.html
new file mode 100644
index 0000000..69ca5a2
--- /dev/null
+++ b/content/docs/security-and-auth/facebook-sign.html
@@ -0,0 +1,506 @@
+
+
+<!DOCTYPE html>
+<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
+<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
+<head>
+ <meta charset="utf-8">
+
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+ <title>Facebook sign in — Apache Usergrid 1.0 documentation</title>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
+
+
+
+
+
+ <link rel="top" title="Apache Usergrid 1.0 documentation" href="../index.html"/>
+ <link rel="next" title="Security best practices" href="securing-your-app.html"/>
+ <link rel="prev" title="Revoking tokens (logout)" href="revoking-tokens-logout.html"/>
+
+
+ <script src="../_static/js/modernizr.min.js"></script>
+
+</head>
+
+<body class="wy-body-for-nav" role="document">
+
+ <div class="wy-grid-for-nav">
+
+
+ <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+ <div class="wy-side-nav-search">
+
+
+
+ <a href="../index.html" class="icon icon-home"> Apache Usergrid
+
+
+
+ </a>
+
+
+
+
+ <div class="version">
+ 1.0
+ </div>
+
+
+
+
+<div role="search">
+ <form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
+ <input type="text" name="q" placeholder="Search docs" />
+ <input type="hidden" name="check_keywords" value="yes" />
+ <input type="hidden" name="area" value="default" />
+ </form>
+</div>
+
+
+ </div>
+
+ <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
+
+
+
+ <p class="caption"><span class="caption-text">Introduction</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/usergrid-features.html">Usergrid Features</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/data-model.html">Usergrid Data model</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../introduction/async-vs-sync.html">Async vs. sync calls</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Getting Started</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-a-new-application.html">Creating a new application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/creating-account.html">Creating an Usergrid Account</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-a-sandbox-app.html">Using a Sandbox Application</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../getting-started/using-the-api.html">Using the API</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Storage</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/data-store-dbms.html">The Usergrid Data Store</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/optimizing-access.html">Data Store Best Practices</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/collections.html">Collections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-storage/entities.html">Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Data Queries</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/querying-your-data.html">Querying your data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/query-parameters.html">Query parameters & clauses</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/operators-and-types.html">Query operators & data types</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../data-queries/advanced-query-usage.html">Advanced query usage</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Entity Connections</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/connecting-entities.html">Connecting entities</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/retrieving-entities.html">Retrieving connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../entity-connections/disconnecting-entities.html">Disconnecting entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Security & Authentication</span></p>
+<ul class="current">
+<li class="toctree-l1"><a class="reference internal" href="app-security.html">Security & token authentication</a></li>
+<li class="toctree-l1"><a class="reference internal" href="using-permissions.html">Using permissions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="authenticating-users-and-application-clients.html">Authenticating users & app clients</a></li>
+<li class="toctree-l1"><a class="reference internal" href="user-authentication-types.html">Authentication levels</a></li>
+<li class="toctree-l1"><a class="reference internal" href="changing-token-time-live-ttl.html">Changing token expiration (time-to-live)</a></li>
+<li class="toctree-l1"><a class="reference internal" href="authenticating-api-requests.html">Authenticating API requests</a></li>
+<li class="toctree-l1"><a class="reference internal" href="revoking-tokens-logout.html">Revoking tokens (logout)</a></li>
+<li class="toctree-l1 current"><a class="current reference internal" href="">Facebook sign in</a><ul>
+<li class="toctree-l2"><a class="reference internal" href="#facebook-login-example">Facebook login example</a><ul>
+<li class="toctree-l3"><a class="reference internal" href="#step-1-create-a-facebook-app">Step 1: Create a Facebook app</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#step-2-invoke-the-facebook-oauth-dialog">Step 2: Invoke the Facebook OAuth dialog</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#step-3-add-the-javascript-sdk-for-facebook">Step 3: Add the JavaScript SDK for Facebook</a></li>
+<li class="toctree-l3"><a class="reference internal" href="#step-4-setup-fb-login">Step 4. Setup FB.login</a></li>
+</ul>
+</li>
+</ul>
+</li>
+<li class="toctree-l1"><a class="reference internal" href="securing-your-app.html">Security best practices</a></li>
+</ul>
+<p class="caption"><span class="caption-text">User Management & Social Graph</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-management.html">User management & social graph</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/working-user-data.html">Working with User Data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/group.html">Working with group data</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/activity.html">Activity</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html">Social Graph Connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/user-connections.html#creating-other-connections">Creating other connections</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../user-management/messagee-example.html">App Example - Messagee</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Geo-location</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../geolocation/geolocation.html">Geolocating your Entities</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Assets & Files</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/uploading-assets.html">Uploading assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/retrieving-assets.html">Retrieving assets</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../asset-and-files/folders.html">Folders</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Counters & Events</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/events-and-counters.html">Counters & events</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html">Creating & incrementing counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#decrementing-resetting-counters">Decrementing/resetting counters</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/creating-and-incrementing-counters.html#using-counters-hierarchically">Using counters hierarchically</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../counters-and-events/retrieving-counters.html">Retrieving counters</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Organizations & Applications</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/managing.html">Organization & application management</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/organization.html">Organization</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../orgs-and-apps/application.html">Application</a></li>
+</ul>
+<p class="caption"><span class="caption-text">API Reference</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html">Methods</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../rest-endpoints/api-docs.html#models">Models</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Client SDKs</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../sdks/tbd.html">COMING SOON...</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Installing the Stack</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-deploy-to-tomcat.html">Usegrid 1: Deploying to Tomcat</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug1-launcher-quick-start.html">Usegrid 1: Launcher Quick-start</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../installation/ug2-deploy-to-tomcat.html">Usergrid 2: Deploy to Tomcat</a></li>
+</ul>
+<p class="caption"><span class="caption-text">More about Usergrid</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../reference/presos-and-videos.html">Presentations & Videos</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../reference/contribute-code.html">How to Contribute Code & Docs</a></li>
+</ul>
+
+
+
+ </div>
+
+ </nav>
+
+ <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
+
+
+ <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
+ <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+ <a href="../index.html">Apache Usergrid</a>
+ </nav>
+
+
+
+ <div class="wy-nav-content">
+ <div class="rst-content">
+ <div role="navigation" aria-label="breadcrumbs navigation">
+ <ul class="wy-breadcrumbs">
+ <li><a href="../index.html">Docs</a> »</li>
+
+ <li>Facebook sign in</li>
+ <li class="wy-breadcrumbs-aside">
+
+
+ <a href="../_sources/security-and-auth/facebook-sign.txt" rel="nofollow"> View page source</a>
+
+
+ </li>
+ </ul>
+ <hr/>
+</div>
+ <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+ <div itemprop="articleBody">
+
+ <div class="section" id="facebook-sign-in">
+<h1>Facebook sign in<a class="headerlink" href="#facebook-sign-in" title="Permalink to this headline">¶</a></h1>
+<p>You can authenticate your Usergrid requests by logging into Facebook. To
+access Usergrid resources, you need to provide an access token with each
+request (unless you use the sandbox app). You can get an access token by
+connecting to an appropriate web service endpoint and providing the
+correct client credentials — this is further described in Authenticating
+users and application clients. However, you can also obtain an access
+token by logging into Facebook.</p>
+<p>To enable authentication to Usergrid through Facebook, do the following
+in your app:</p>
+<ol class="arabic simple">
+<li>Make a login call to the Facebook API (do this using the Facebook SDK
+or API). If the login succeeds, a Facebook access token is returned.</li>
+<li>Send the Facebook access token to Usergrid. If the Facebook access
+token is valid and the user does not already exist in Usergrid,
+Usergrid provisions a new Usergrid user. It also returns an Usergrid
+access token, which you can use for subsequent Usergrid API calls.
+Behind the scenes, Usergrid uses the Facebook access token to
+retrieve the user’s profile information from Facebook.</li>
+<li>If the Facebook access token is invalid, Facebook returns an OAuth
+authentication error, and the login does not succeed.</li>
+</ol>
+<p>The request to authenticate to Usergrid using a Facebook access token
+is:</p>
+<div class="highlight-python"><div class="highlight"><pre>GET https://api.usergrid.com/{my_org}/{my_app}/auth/facebook?fb_access_token={fb_access_token}
+</pre></div>
+</div>
+<p>where:</p>
+<ul class="simple">
+<li><code class="docutils literal"><span class="pre">{my_org}</span></code> is the organization UUID or organization name.</li>
+<li><code class="docutils literal"><span class="pre">{my_app}</span></code> is the application UUID or application name.</li>
+<li><code class="docutils literal"><span class="pre">{fb_access_token}</span></code> is the Facebook access token.</li>
+</ul>
+<div class="section" id="facebook-login-example">
+<h2>Facebook login example<a class="headerlink" href="#facebook-login-example" title="Permalink to this headline">¶</a></h2>
+<p>The Facebook technical guides for login present detailed information on
+how to add Facebook login to your app. Instructions are provided for
+JavaScript, iOS, and Android.</p>
+<p>In brief, here are the steps for JavaScript. You can see these steps
+implemented in the Facebook login example packaged with the JavaScript
+SDK for Usergrid (which you can download in ZIP format or tar.gz
+format). The Facebook login example is in the /examples/facebook
+directory of the extracted download. The code example snippets shown
+below are taken from the Facebook login example.</p>
+<div class="section" id="step-1-create-a-facebook-app">
+<h3>Step 1: Create a Facebook app<a class="headerlink" href="#step-1-create-a-facebook-app" title="Permalink to this headline">¶</a></h3>
+<p>Create a new app on the Facebook App Dashboard. Enter your app’s basic
+information. Once created, note the app ID shown at the top of the
+dashboard page.</p>
+</div>
+<div class="section" id="step-2-invoke-the-facebook-oauth-dialog">
+<h3>Step 2: Invoke the Facebook OAuth dialog<a class="headerlink" href="#step-2-invoke-the-facebook-oauth-dialog" title="Permalink to this headline">¶</a></h3>
+<p>Invoke the Facebook OAuth Dialog. To do that, redirect the user’s
+browser to a URL by inserting the following Javascript code after the
+opening</p>
+<body><p>tag in your app’s HTML file:</p>
+<div class="highlight-python"><div class="highlight"><pre>https://www.facebook.com/dialog/oauth/?
+ client_id={YOUR_APP_ID}
+ &redirect_uri={YOUR_REDIRECT_URL}
+ &state={YOUR_STATE_VALUE}
+ &scope={COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES}
+ &response_type={YOUR_RESPONSE_TYPE}
+</pre></div>
+</div>
+<p>where:</p>
+<p><code class="docutils literal"><span class="pre">{YOUR_APP_ID}</span></code> is the app ID. <code class="docutils literal"><span class="pre">{YOUR_REDIRECT_URL}</span></code> is the
+application UUID or application name. <code class="docutils literal"><span class="pre">{YOUR_STATE_VALUE}</span></code> is a unique
+string used to maintain application state between the request and
+callback. <code class="docutils literal"><span class="pre">{COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES}</span></code> is a comma
+separated list of permission names which you would like the user to
+grant your application. <code class="docutils literal"><span class="pre">{YOUR_RESPONSE_TYPE}</span></code>is the requested
+response type, either code or token. Defaults to code. Set the response
+type to token. With the response type set to token, the Dialog’s
+response will include an OAuth user access token in the fragment of the
+URL the user is redirected to, as per the client-side authentication
+flow.</p>
+<p>Here is how it’s done in the Facebook login example:</p>
+<div class="highlight-python"><div class="highlight"><pre>var apiKey = $("#api-key").val();
+var location = window.location.protocol + '//' + window.location.host;
+var path = window.location.pathname;
+
+var link = "https://www.facebook.com/dialog/oauth?client_id=";
+link += apiKey;
+link += "&redirect_uri=";
+link += location+path
+link += "&scope&COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES&response_type=token";
+
+//now forward the user to facebook
+window.location = link;
+</pre></div>
+</div>
+<p>Notice that the response type is set to token. As a result, a Facebook
+access token will be appended to the URL to which the user is
+redirected.</p>
+</div>
+<div class="section" id="step-3-add-the-javascript-sdk-for-facebook">
+<h3>Step 3: Add the JavaScript SDK for Facebook<a class="headerlink" href="#step-3-add-the-javascript-sdk-for-facebook" title="Permalink to this headline">¶</a></h3>
+<p>Add the following Javascript SDK initialization code after the code that
+invokes the Facebook OAuth Dialog. The code will load and initialize the
+JavaScript SDK in your HTML page. Replace <code class="docutils literal"><span class="pre">YOUR_APP_ID</span></code> with the App
+ID noted in Step 1, and WWW.YOUR_DOMAIN.COM with your own domain.</p>
+<div class="highlight-python"><div class="highlight"><pre>window.fbAsyncInit = function() {
+ FB.init({
+ appId : 'YOUR_APP_ID', // App ID
+ channelUrl : '//WWW.YOUR_DOMAIN.COM/channel.html', // Channel File
+ status : true, // check login status
+ cookie : true, // enable cookies to allow the server to access the session
+ xfbml : true // parse XFBML
+ });
+</pre></div>
+</div>
+<p>Here is how the window.fbAsynchInit() function is implemented in the
+Facebook login example:</p>
+<div class="highlight-python"><div class="highlight"><pre>//load up the facebook api sdk
+ window.fbAsyncInit = function() {
+ FB.init({
+ appId : '308790195893570', // App ID
+ channelUrl : '//usergridsdk.dev//examples/channel.html', // Channel File
+ status : true, // check login status
+ cookie : true, // enable cookies to allow the server to access the session
+ xfbml : true // parse XFBML
+ });
+ };
+</pre></div>
+</div>
+</div>
+<div class="section" id="step-4-setup-fb-login">
+<h3>Step 4. Setup FB.login<a class="headerlink" href="#step-4-setup-fb-login" title="Permalink to this headline">¶</a></h3>
+<p>Whenever a user is either not logged into Facebook or not authorized for
+an app, it is useful to prompt them with the relevant dialog. The
+<code class="docutils literal"><span class="pre">FB.login()</span></code> Javascript SDK function automatically displays the
+correct one to the user.</p>
+<p>To integrate <code class="docutils literal"><span class="pre">FB.login()</span></code> function in your existing code:</p>
+<div class="highlight-python"><div class="highlight"><pre>function login() {
+ FB.login(function(response) {
+ if (response.authResponse) {
+ // connected
+ } else {
+ // cancelled
+ }
+ });
+}
+</pre></div>
+</div>
+<p>Here is how <code class="docutils literal"><span class="pre">FB.login()</span></code> is implemented in the Facebook login example:</p>
+<div class="highlight-python"><div class="highlight"><pre>function login(facebookAccessToken) {
+ client.loginFacebook(facebookAccessToken, function(err, response){
+ var output = JSON.stringify(response, null, 2);
+ if (err) {
+ var html = '<pre>Oops! There was an error logging you in. \r\n\r\n';
+ html += 'Error: \r\n' + output+'</pre>';
+ } else {
+ var html = '<pre>Hurray! You have been logged in. \r\n\r\n';
+ html += 'Facebook Token: ' + '\r\n' + facebookAccessToken + '\r\n\r\n';
+ html += 'Facebook Profile data stored in Usergrid: \r\n' + output+'</pre>';
+ }
+ $('#facebook-status').html(html);
+ })
+ }
+</pre></div>
+</div>
+<p>The <code class="docutils literal"><span class="pre">client.loginFacebook()</span></code> function is provided by the Usergrid
+JavaScript SDK. It uses the Facebook auth token to obtain an Usergrid
+auth token. If the Facebook access token is valid and the user does not
+already exist in Usergrid, the function creates a user entity for the
+user. It also uses the Facebook access token to retrieve the user’s
+profile information from Facebook.</p>
+<p>Here is what the <code class="docutils literal"><span class="pre">client.loginFacebook()</span></code> function looks like:</p>
+<div class="highlight-python"><div class="highlight"><pre>Usergrid.Client.prototype.loginFacebook = function (facebookToken, callback) {
+ var self = this;
+ var options = {
+ method:'GET',
+ endpoint:'auth/facebook',
+ qs:{
+ fb_access_token: facebookToken
+ }
+ };
+ this.request(options, function(err, data) {
+ var user = {};
+ if (err && self.logging) {
+ console.log('error trying to log user in');
+ } else {
+ user = new Usergrid.Entity('users', data.user);
+ self.setToken(data.access_token);
+ }
+ if (typeof(callback) === 'function') {
+ callback(err, data, user);
+ }
+ });
+}
+</pre></div>
+</div>
+<p>Notice that the function also returns an Usergrid access token, which
+you can use for subsequent Usergrid API calls.</p>
+<p>Remember to create a client for your app, which is the main entry point
+to the JavaScript SDK for Usergrid. You need to do this before you can
+use the SDK. Here’s the code to create a client:</p>
+<div class="highlight-python"><div class="highlight"><pre>var client = new Usergrid.Client({
+ orgName:'yourorgname',
+ appName:'yourappname',
+ logging: true, //optional - turn on logging, off by default
+ buildCurl: true //optional - turn on curl commands, off by default
+});
+</pre></div>
+</div>
+</div>
+</div>
+</div>
+
+
+ </div>
+ </div>
+ <footer>
+
+ <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
+
+ <a href="securing-your-app.html" class="btn btn-neutral float-right" title="Security best practices" accesskey="n">Next <span class="fa fa-arrow-circle-right"></span></a>
+
+
+ <a href="revoking-tokens-logout.html" class="btn btn-neutral" title="Revoking tokens (logout)" accesskey="p"><span class="fa fa-arrow-circle-left"></span> Previous</a>
+
+ </div>
+
+
+ <hr/>
+
+ <div role="contentinfo">
+ <p>
+ © Copyright 2013-2015, Apache Usergrid.
+
+ </p>
+ </div>
+ Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
+
+</footer>
+
+ </div>
+ </div>
+
+ </section>
+
+ </div>
+
+
+
+
+
+ <script type="text/javascript">
+ var DOCUMENTATION_OPTIONS = {
+ URL_ROOT:'../',
+ VERSION:'1.0',
+ COLLAPSE_INDEX:false,
+ FILE_SUFFIX:'.html',
+ HAS_SOURCE: true
+ };
+ </script>
+ <script type="text/javascript" src="../_static/jquery.js"></script>
+ <script type="text/javascript" src="../_static/underscore.js"></script>
+ <script type="text/javascript" src="../_static/doctools.js"></script>
+
+
+
+
+
+ <script type="text/javascript" src="../_static/js/theme.js"></script>
+
+
+
+
+ <script type="text/javascript">
+ jQuery(function () {
+ SphinxRtdTheme.StickyNav.enable();
+ });
+ </script>
+
+
+</body>
+</html>
\ No newline at end of file