Home > API Reference > Kerberos Authentication

Kerberos Authentication

SigningHub uses OAuth 2.0 to authorize client requests. This API endpoint will present a Kerberos authentication challenge if the API is called in a browser that supports Kerberos authentication. 

To get the Windows Kerberos dialog for authentication, use "withCredentials" in jQuery AJAX calls.  Or on server side language like c# HttpClient object you can use "UseDefaultCredentials" with HTTP(S) requests. 

 

https://api.signinghub.com/authenticate/kerberos

HTTP Verb

POST

Accept

application/json

Request Body

{
   "client_id": "12345asdfasdf3453453...",
   "client_secret": "123134235DFGH4576456..."
}

Status Code

Message

Response Body

200

OK
{
   "access_token": "454-j34jr67gj0h76nj59g4he895jh87n",
   "token_type": "bearer",
   "expires_in": 86399,
   "refresh_token": "fdb8fdbecf1d03ce5e6125c067733c0d51de209c"
}
401 Unauthorized
403 Forbidden
{
   "error": "account_disabled",
   "error_description": "Account is disabled"
}

500

Internal Server Error

{
    "error": "internal_error",
    "error_description": "An internal server error occurred while processing the request"
}

The detail of each item provided in the request and response is provided below:
 Item Details
 Names
  Description
 Request Parameters
 client_id Application Name that you have configured in your Enterprise Account when configuring the integration options.
 client_secret API Key that you generated in your Enterprise Account when configuring the integration options.
 Response Parameters
 access_token User authentication access token - bearer token for subsequent authorisation to other API calls.
 token_type Type of the token returned by authorization server. It is always set to "bearer".
 expires_in Number of seconds for which this access token is valid.  Fixed value of 86,399 seconds (24 hours).
 refresh_token If access_token is expired, refresh token is used along with grant type refresh_token.  If refresh token is provided, user name, password and scope attributes can be treated as optional. 
 Message The service specific error message returned by the API. This message provides useful information about why the service has returned an error response.


See also
Authentication
Get Service Agreements
OTP Login Authentication
Revoke Refresh Tokens
Single Sign On Authentication
Get Public Authentication Profiles
Pre Login Authentication
Logout
SigningHub Admin APIs
Enterprise Management
Document Package
Document Workflow
Document Preparation
Document Processing
Account Management
Personal Settings
Appendix
Get SigningHub Admin Branding
Get SH Admin Branding Logo
Get SH Admin Branding Favicon
System Settings
Publish Workflow Completion Report
Get Profile Picture of Recipient
Get Enterprise Branding Logo
Get Enterprise Branding Favicon
OTP Verification