Authentication
Access token
In order to use the API you need to include a JWT (JSON Web Token) and a company ID in the HTTP headers.
Retrieve token
To retrieve a JWT, authenticate using HTTP Basic Auth against https://app.grcwatch.com/api/auth:
POST /api/auth
Headers: {
Authorization: Basic base64(user:pass)
}
In the example above, base64() is a function that base64 encodes the string user:pass, where user is the email and pass is the password for your GRC Watch account.
The actual request should look more like this:
POST /api/auth
Headers: {
Authorization: Basic ZXhhbXBsZUBncmN3YXRjaC5jb206cGFzc3dvcmQxMjM=
}
Where ZXhhbXBsZUBncmN3YXRjaC5jb206cGFzc3dvcmQxMjM= is the result of base64 encoding example@grcwatch.com:password123.
Renew token
JWTs are only valid for 7 days. After that you either have to authenticate again or renew your existing token. To renew the token, make a request to https://app.grcwatch.com/api/auth/token using your current JWT, as generated by the Retrieve token API:
GET /api/auth/token
Headers: {
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
}
The response will be a JSON object containing a new token.
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
The new token will be valid for another 7 days.
Note: renewing the token will invalidate the older one.
Use token
When making a request to any of the GRC Watch API endpoints, you have to include an Authorization header containing your token, prefixed with Bearer:
Headers: {
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
}
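The token lifecycle described above (retrieve, renew, use), as a client-side sketch added here; it is example code, not GRC Watch's own. It makes no network calls. Assumptions: `RENEW_MARGIN`, the injected `renew` callable standing in for GET /api/auth/token, the optional `exp` claim, and the constructed `sample_jwt` helper are all hypothetical.

```python
import base64, json

TOKEN_LIFETIME = 7 * 24 * 3600  # the page: tokens are valid for 7 days
RENEW_MARGIN = 24 * 3600        # assumption: renew one day before expiry

def basic_auth_header(email, password):
    """Authorization value for POST /api/auth."""
    raw = f"{email}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic(header):
    """Base64 is reversible: whoever logs this header has the password."""
    scheme, _, blob = header.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic credential")
    user, _, pw = base64.b64decode(blob).decode("utf-8").partition(":")
    return user, pw

def jwt_exp(token):
    """Read exp without verifying the signature (scheduling only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(payload)).get("exp")

def sample_jwt(claims):
    """Constructed, unsigned demo token; not a real GRC Watch token."""
    enc = lambda o: base64.urlsafe_b64encode(
        json.dumps(o).encode()).rstrip(b"=").decode()
    return enc({"alg": "HS256", "typ": "JWT"}) + "." + enc(claims) + ".sig"

class TokenStore:
    def __init__(self, token, issued_at):
        self.token, self.issued_at = token, issued_at

    def expires_at(self):
        exp = jwt_exp(self.token)  # assumption: an exp claim may be present
        return exp if exp is not None else self.issued_at + TOKEN_LIFETIME

    def bearer(self, now, renew):
        """Authorization value for API calls. renew(old) stands in for the
        caller's GET /api/auth/token and returns the new token string."""
        if now >= self.expires_at():
            raise PermissionError("token expired: authenticate again")
        if now >= self.expires_at() - RENEW_MARGIN:
            # Renewal invalidates the old token, so swap it in one step.
            self.token, self.issued_at = renew(self.token), now
        return "Bearer " + self.token
```

Because renewal invalidates the previous token, every worker sharing a credential should read it from one such store instead of keeping private copies.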