Authentication Tokens

See JSON Web Token

FSD authentication tokens adhere to the JSON Web Token (JWT) standard. They are retrieved via HTTPS and subsequently transmitted in plaintext to the FSD server as part of the login process.

Add Pilot (#AP) and Add ATC (#AA) packets previously used plaintext passwords in the Token field. Now, any client using any protocol revision must use the new authentication token.

Endpoint

POST https://auth.vatsim.net/api/fsd-jwt
Request Body
{
  "cid":      "123456",
  "password": "s3cr3t"
}
Response Body
{
  "success": true,
  "token":   "<jwt token>"
}
Response Body (Error Cases)
{
  "success":   false,
  "error_msg": "<error message>"
}

Token Fields

See JWT Standard Fields

VATSIM FSD JSON Web Tokens adhere to the following format:

Header
{
  "typ": "JWT",
  "alg": "HS256"
}
Payload Example
{
  "iat": 1735772371,
  "nbf": 1735772251,
  "exp": 1735772671,
  "iss": "https://auth.vatsim.net/api/fsd-jwt",
  "sub": "123456",
  "aud": "fsd-live",
  "jti": "rK7v1yEs1TExNDI1S",
  "controller_rating": 0,
  "pilot_rating":      0
}

Two custom number fields are used: controller_rating and pilot_rating.
The Subject (sub) field specifies the user's VATSIM CID.

Encoded Example
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MzU3NzIzNzEsIm5iZiI6MTczNTc3MjI1MSwiZXhwIjoxNzM1NzcyNjcxLCJpc3MiOiJodHRwczovL2F1dGgudmF0c2ltLm5ldC9hcGkvZnNkLWp3dCIsInN1YiI6IjEyMzQ1NiIsImF1ZCI6ImZzZC1saXZlIiwianRpIjoicks3djF5RXMxVEV4TkRJMVMiLCJjb250cm9sbGVyX3JhdGluZyI6MCwicGlsb3RfcmF0aW5nIjowfQ.3aqOBIqhAP9RndXN1lao9OPsqMixX2Yndn89NpsvVjA
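
A server-side check of a token in this format, as an added example rather than openfsd's own code: it pins `alg` to HS256, compares the HMAC in constant time before parsing the payload, then checks `iss`, `aud`, `nbf` and `exp`. The function names, the demo key and the sample token are constructed for illustration; how the real signing key is provisioned is not covered on this page.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding.Strict() // JWT segments are unpadded base64url
// sigFor returns the base64url HMAC-SHA256 tag for a JWT signing input.
func sigFor(in string, key []byte) string {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(in))
	return b64.EncodeToString(m.Sum(nil))
}
func sign(payload string, key []byte) string { // only builds constructed sample tokens
	in := b64.EncodeToString([]byte(`{"typ":"JWT","alg":"HS256"}`)) + "." + b64.EncodeToString([]byte(payload))
	return in + "." + sigFor(in, key)
}

// verifyFSDToken returns the CID (sub) if tok is authentic and valid at Unix time now.
func verifyFSDToken(tok string, key []byte, now int64) (string, error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	var h struct{ Alg string }
	var c struct{ Iss, Sub, Aud string; Nbf, Exp int64 }
	hb, e1 := b64.DecodeString(p[0])
	pb, e2 := b64.DecodeString(p[1])
	switch {
	case e1 != nil || json.Unmarshal(hb, &h) != nil || h.Alg != "HS256":
		return "", fmt.Errorf("header alg is not HS256") // pin the algorithm, never follow the header
	case !hmac.Equal([]byte(p[2]), []byte(sigFor(p[0]+"."+p[1], key))):
		return "", fmt.Errorf("bad signature") // constant-time compare of the encoded tags
	case e2 != nil || json.Unmarshal(pb, &c) != nil:
		return "", fmt.Errorf("bad payload") // payload is parsed only after the MAC checks out
	case c.Iss != "https://auth.vatsim.net/api/fsd-jwt" || c.Aud != "fsd-live" || now < c.Nbf || now >= c.Exp:
		return "", fmt.Errorf("claims rejected (iss, aud, nbf or exp)")
	}
	return c.Sub, nil
}

func main() {
	key := []byte("constructed-demo-key") // constructed; the real signing key is not on the page
	fmt.Println(verifyFSDToken(sign(`{"nbf":1735772251,"exp":1735772671,"iss":"https://auth.vatsim.net/api/fsd-jwt","sub":"123456","aud":"fsd-live"}`, key), key, 1735772371))
}
```

Because the token crosses the FSD connection in plaintext, the `exp` check is what bounds how long a captured token stays usable.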