Introduction:

Welcome to the SMAGLink developer portal !

This portal gives you access to Smag APIs universe. In particular, it provides access to the following APIs:

  • Weather
  • Crop
  • Farms & Fields
  • Authentication
  • and many others ...

URL:

URL Description
https://api.smag.tech/  URL for the SmagLink's Apis
https://developers.smag.tech/  URL for the SmagLink Developper Portal

Glossary:

Term Definition
GUID A GUID (globally unique identifier) is a unique identifier for a software component.
It is of the format: 00000000-0000-0000-0000-000000000000
Token An authentication token is a strong and secure authentication solution.
Subscription-Key Mandatory subscription key to be retrieved by the SmagLink developer portal. Found in your Profile.
Endpoint

A endpoint of an API is simply a unique URL that represents an object or collection of objects.

API

The application programming interface (API) is a standardized set of classes, methods, or functions that allows a software application to provide services to other software.
For SmagLink, an API is a functional domain.

JWT

JSON Web Token (JWT) allows the secure exchange of tokens between multiple parties. More information JWT.io.

Smag Token:

Request a token

This Endpoint makes it possible to obtain a token : Request a token with login/password (you must create an account to test the API)

Example of a body:

 

}

"ApplicationId":"MyApplicationID",

"UserName":"testuser@aol.tech",

"Password": "Password1"

}

 

Responses

The response contains the token, the refresh token key and various information that make up the token, including subscriptions.

Example of response:

{
"ApplicationId": "MyApplicationID",
"UserId": "MyUserId",
"AuthId": "MyAuthId",
"Token": "MYTOKEN (ey...)","Refresh_Token": "MyRefreshToken",
"Identity": {
"application_id": "MyApplicationID",
"application_type": "APP1",
"application_name": "APP1",
"application_code": "APP1",
"Logins": [ "181","180"]
},
"Identities": [
{
"application_id": "MyApplicationID",
"application_type": "APP1",
"application_name": "APP1",
"application_code": "APP1",
"Logins": [ "181","180"]
}],
"VaultKey": "https://thekeyvault"
}

 

Your token is present in the TOKEN part in the response.

Security:

Introduction:

SMAG authentication works with an RS256 encryption algorithm.
RS256 (RSA signature with SHA-256) is an asymmetric algorithm and uses a public / private key pair: the identity provider has a private key (secret) used to generate the signature and the consumer of the JWT obtains a public key validate Signature. Because the public key, unlike the private key, does not need to be secure, most identity providers make it easily available and accessible to consumers (usually via a metadata URL).

Authentication:

The connection to a Smag account is done in two stages:

  • User authentication, performed by a third party: Auth0, security guarantor (password strength, brute force attack, confidentiality, uniqueness of a login / password)
  • Retrieving login information and redirection to the application with a token containing the information needed to open a work session.

Login to a Smag account via the login page in 4 steps (eg connection of a website or an application with a callback):

Authentication

Example:

You can use the Example API to practice API operations : Example API (you must create an account to test the API)