API Access Token - Password

[AlfyG]

Hi. Apologies if I have missed something, but I am trying to connect to the Intersect API. Just for testing, I have been using Postman. Still quite new to it, and having a problem getting an auth token. Access is enabled in config and I have granted myself user.manage access, but I am unable to get a token.

 

I thought the issue may be my password. In the documenrarion that getting an authentication token requires the SHA256 hash of my password. Reading around though, it seems that accessing the database in other ways requires a re-hashed password once the SALT has been added (ie hash password, then add salt, then hash again)

 

So, my question is, which do I need to use to access to the API; the hash of my plaintext password, or the hash of my plaintext password+salt and hashed again?

 

Sorry if it's a bit garbled. Any help is appreciated Cheers.

[Cheshire]

Just a hash of your plain password is required. 

[AlfyG]

33 minutes ago, Cheshire said:

Just a hash of your plain password is required. 

 

Excellent. Thank you, esp for the quick response. Will continue having a play with it.

[abdlgafar]

API authentication can be a bit tricky, especially when you're just starting. To access the Intersect API, you typically need the hash of your plaintext password, not the one with the salt added.
You're on the right track by granting yourself user.manage access, but make sure you're using the correct hashing method (SHA256) for your password. Keep things simple and use the hash of your plain password, and you should be good to go.
If you're ever in the world of crypto, using a tool like cryptomixer can help add an extra layer of protection to your transactions.