V-Spark Online Help

V‑Spark API Permission Requirements

When calling any V‑Spark REST API function, you must provide an authorization token that shows that you have the right to perform the operation that you are requesting. V‑Spark provides two different types of authorization tokens:

  • root token - authorizes you to call any V‑Spark API and perform any V‑Spark API operation. This includes API functions that apply to your entire V‑Spark installation and span multiple companies, such as /config, /config/users, /config/orgs, /config/folders, /config/apps, and /config/system/readonly. The root token also authorizes you to call any company-specific, organization-specific, folder-specific, or application-specific API function. The root token for a V‑Spark installation is found in the file /opt/voci/state/vspark/apitoken on the system on which V‑Spark is installed. This token is therefore only available to users who can access the machine on which V‑Spark is installed, and who have sufficient privileges to access the V‑Spark installation.

  • company token - authorizes you to call any V‑Spark API within the scope of that company and perform any V‑Spark API operation that is within the scope of that company. This includes general API calls that require one or more company-related arguments such CO_SHORT identifies the company that is associated with that token, ORG_SHORT is the name of an organization within that company, and FOLDER identifies a folder within an organization. Examples of such API calls are /transcribe/ORG_SHORT/FOLDER, /request/ ORG_SHORT, /config/ CO_SHORT, /config/CO_SHORT/ORG_SHORT, and so on. A company's authorization token is found on the V‑Spark Settings page in the Company section.

Figure 1. Location of a Company Authorization Token
Location of a Company Authorization Token