Customer Token

Requesting a customer token

post

Logs in a customer and sends an authentication request. Returns two customer tokens: * Customer access token. * Customer SaaS token.

Path parameters
tenantstringRequired

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: {tenant}
Header parameters
AuthorizationstringRequired

Anonymous customer's access token.

Example: Bearer {anonymous_access_token}
Content-TypestringRequired
Body
emailstring · email · min: 1Required
passwordstring · min: 6Required
Responses
200
The request was successful. A customer token is returned.
application/json
post
POST /customer/{tenant}/login HTTP/1.1
Host: api.emporix.io
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "email": "[email protected]",
  "password": "Qwurmdch673;'"
}
200

The request was successful. A customer token is returned.

{
  "access_token": "CZXFASGEG@!@$!24fasASDF",
  "saas_token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIAFAFGVZE!@£$FSDVZERTNX0.BK1_F8aRMnnNN6y2Q6TVa4x_Knj3-Qojy4QsPNkHcz8",
  "expires_in": 14399,
  "refresh_token": "QBeG0XJfRqElE67U4tHJAQWrtfas1VR5eg",
  "refresh_token_expires_in": 86399,
  "session_id": "45c9726e-77c8-4bd0-b29d-61ab56f59726"
}

Refreshing a token

get

Sends an authentication request and returns a refresh token.

Path parameters
tenantstringRequired

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: {tenant}
Query parameters
refreshTokenstringRequired

Customer's refresh token generated when the customer token is created.

Example: {customer_refresh_token}
legalEntityIdstringOptional

Identifier of the legal entity associated with the user session.

Header parameters
AuthorizationstringRequired

Customer's access token generated when the customer token is created.

Example: Bearer {customer_access_token}
Responses
200
The request was successful. A refresh token is returned.
application/json
get
GET /customer/{tenant}/refreshauthtoken HTTP/1.1
Host: api.emporix.io
Authorization: text
Accept: */*
200

The request was successful. A refresh token is returned.

{
  "token_type": "Bearer",
  "access_token": "5UvjlVEsU6G1NTuitcfkNBlAzUn8",
  "expires_in": 1799,
  "refresh_token_expires_in": 86326,
  "refresh_token": "xIMsJmuyyltCWYD7uftonNeBtSAQMldH",
  "session_id": "45c9726e-77c8-4bd0-b29d-61ab56f59726"
}

Validate a token

get

Checks whether a token is valid. If the token is invalid, it returns a 401 status code. If the token is valid, it provides the token details.

Path parameters
tenantstringRequired

Name of the tenant.

Note: Name of the tenant is always written in lowercase.

Example: {tenant}
Header parameters
AuthorizationstringRequired

Customer's access token generated upon the customer token creation.

Example: Bearer {customer_access_token}
Responses
200
The request was successful. A token details are returned.
application/json
get
GET /customer/{tenant}/validateauthtoken HTTP/1.1
Host: api.emporix.io
Authorization: text
Accept: */*
{
  "token_type": "Bearer",
  "expires_in": 2591974,
  "scope": "approval.approval_read_own customermanagement.legalentity_read_own customer.customer_read_own quote.quote_read_own returns.returns_read_own iam.scope_read_own iam.user_read_own customersegment.segment_read_own iam.group_read_own order.order_readascustomer coupon.coupon_redeem customer.customerprofile_edit quote.quote_manage_own returns.returns_manage_own customer.customer_manage_own approval.approval_manage_own order.order_updateascustomer iam.assignment_delete_own customer.consent_view customer.customerprofile_view order.history_view iam.assignment_create_own customer.consent_manage tenant=test",
  "sessionId": "415c340b-5996-4112-bb3b-38139a409f93",
  "email": "[email protected]",
  "legalEntityId": "53ac81fd0cce8b26b36f3492"
}

Was this helpful?