In Eagle Eye Networks API V3, the authentication method has been upgraded from using cookie authentication to an OAuth Bearer Access Token. This change brings several advantages, such as:
Improved Security:Integrating API V3 requires that all endpoints are migrated to API V3. All existing accounts and data will be available in API V3, only the endpoints are different. Below is a brief overview of common endpoints in API V1 and the corresponding endpoint in API V3.
| Use case | API V1/V2 | API V3 | API V3 Guides |
|---|---|---|---|
| Login | /g/aaa/authenticate /g/aaa/authorize |
https://auth.eagleeyenetworks.com/oauth2/authorize | Login guide |
| Logout | /g/aaa/logout | https://auth.eagleeyenetworks.com/oauth2/revoke | Logout guide |
| Get cameras | /g/device/list | {BaseURL}/v3.0/cameras | Cameras |
| Get live video | /asset/play/video.flv | {BaseURL}/v3.0/feeds | Feeds |
| Get footage | /asset/list/video | {BaseURL}/v3.0/media | Media |
In API V3, Eagle Eye Networks has replaced API keys with Client Credentials, offering technology partners improved support and a personalized experience. Partners must obtain separate credentials for each application, as the old API key is not compatible with API V3. To request API client credentials, contact api_support@een.com. This new approach enhances individual application monitoring and management, resulting in tailored support for partners.
One of the benefits of the OAuth system is that an application integrating the Eagle Eye Video API Platform does have to store a username/password of the customers that want to use the integration. Storing usernames/passwords is in general not recommended. OAuth replaces the traditional username/password with a refresh_token. The refresh_token can be used to log in on behalf of the user without knowing the username/password. The recommended way to obtain refresh_token is by implementing the OAuth “Authorization code” grant type.
Existing integration might already have a database with usernames/passwords which should be migrated to refresh_tokens. The OAuth “password grant type“ can be used to do this. In the Eagle Eye Networks the "password grant type" is disabled by default and it can be enabled on a case-by-case basis to facilitate the migration from traditional usernames/passwords to refresh_tokens.
The password grant type in OAuth can and should only be used for migration purposes, as it is officially deprecated by the OAuth standard organization and it does not support modern authentication methods like multi-factor authentication.
To migrate, securely obtain the first refresh_tokens through the password grant type and store them in your secure backend. Next, remove usernames/passwords from your databases to prevent security risks. This process ensures that users don't have to log in again. Exercise caution when using the password grant type, as it is not recommended for long-term use.
To ensure a seamless transition for technology partners, we have whitelisted all V1/V2 integration domains in the V3 CORS whitelist. Existing partners can effortlessly begin integrating with API V3 without the need to register their domains again. Experience the enhanced capabilities and improved support of API V3 by starting your integration today. If new domains need to be white listed pls email api_support@een.com
We strongly advise against mixing integrations with V1/V2 and V3, as doing so would require two concurrent integrations, complicating development efforts. Additionally, combining these versions may result in decreased response times, affecting your application's performance. For a more efficient and streamlined experience, we recommend focusing solely on API V3 integration