JWT Bearer Authentication

API Methods

A JWT token is issued by the API after a successful login. Every subsequent request must carry an Authorization header whose value has the format Bearer {tokenId}. A successful login response contains an AuthResult model in the response body.

Authentication

POST http://{server-address}/api/auth

Authorizes the user based on the provided credentials. The user authenticates to a specific device, identified by the DeviceName property in the request body. As a result, a JWT token is issued.

Request Body

Name          Type     Description
UserName*     string   Unique user name.
Password      string   User password.
DeviceName*   string   The unique name of the device the user is logging in to.

{
    "tokenId": "eyJhbG....GLvNNavSk0A",
    "refreshToken": "pC73A....63GkAAEpwtWA=",
    "user": {
        "id": "635f7ae3072edfeae7c26a1e",
        "isVirtual": false,
        "name": "Majiteľ",
        "userName": "999",
        "featureName": null,
        "rights": [
            "admin"
        ],
        "device": {
            "name": "P01",
            "envName": "CashRegister",
            "description": "P01",
            "preferences": {},
            "settings": {
                "MaxQuantity": "200",
                "OpenedPrices": "false",
                "NoticeOnNegativeSale": "false",
                "VisibleQuantities": "false",
                "DefaultFiscalName": "eKasa",
                "DefaultOrderEndpointName": "",
                "DefaultStockName": "S01"
            }
        }
    }
}

If needed, you can retrieve the user profile associated with a tokenId using the request below. A successful response contains a UserProfileContext model in the response body.

Get current user profile

GET http://{server-address}/api/auth

Headers

Name            Type     Description
Authorization*  string   JWT token in the format Bearer {tokenId}.

{
    "id": "635f7ae3072edfeae7c26a1e",
    "isVirtual": false,
    "name": "Majiteľ",
    "userName": "999",
    "featureName": null,
    "rights": [
        "admin"
    ],
    "device": {
        "name": "P01",
        "envName": "CashRegister",
        "description": "P01",
        "preferences": {},
        "settings": {
            "MaxQuantity": "200",
            "OpenedPrices": "false",
            "NoticeOnNegativeSale": "false",
            "VisibleQuantities": "false",
            "DefaultFiscalName": "eKasa",
            "DefaultOrderEndpointName": "",
            "DefaultStockName": "S01"
        }
    }
}

Each session has an expiration time (configurable in the API settings). To extend the lifespan of a session, call the refresh method. A successful response contains a RefreshTokenResult model in the response body.

Refresh session

POST http://{server-address}/api/auth/refresh

Extends the session lifespan.

Request Body

Name           Type     Description
tokenId*       string   Token ID obtained during authorization.
refreshToken*  string   Refresh token obtained during authorization.

{
    "tokenId": "eyJhbG....GLvNNavSk0A",
    "refreshToken": "pC73A....63GkAAEpwtWA="
}

To sign out and terminate the user session, send a DELETE request.

Terminate session

DELETE http://{server-address}/api/auth

Logs out the user.

Headers

Name            Type     Description
Authorization*  string   JWT token in the format Bearer {tokenId}.

{
    // Response
}
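A small client covering the four calls above (login, profile, refresh, logout), written as an added example and not code from the API's own documentation or SDK. It sends the request bodies and the Authorization header exactly as documented, reads the token's exp claim only to decide when to call refresh (the client cannot verify the signature; only the API can), and discards both tokenId and refreshToken after the DELETE. The server address pos.example, the make_sample_token helper and the injectable send transport are assumptions made so the code runs offline.

```python
import base64
import json
import time
import urllib.request

def _urlopen_json(method, url, headers, body):  # default transport: one JSON request via urllib
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={**headers, "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return json.loads(resp.read() or b"{}")

def jwt_expiry(token_id):
    """Read 'exp' from the JWT payload for scheduling only; the signature is NOT verified here."""
    payload = token_id.split(".")[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    return claims.get("exp")

def make_sample_token(exp):  # constructed, unsigned JWT-shaped string for offline demos only
    payload = base64.urlsafe_b64encode(json.dumps({"exp": exp}).encode()).rstrip(b"=")
    return "eyJhbGciOiJub25lIn0." + payload.decode() + "."

class AuthClient:
    def __init__(self, server_address, send=_urlopen_json):
        self.base = f"http://{server_address}/api/auth"  # scheme exactly as this page documents it
        self.send = send                                 # injectable transport (fake in tests)
        self.token_id = self.refresh_token = None        # held in memory only

    def login(self, user_name, password, device_name):
        body = {"UserName": user_name, "Password": password, "DeviceName": device_name}
        result = self.send("POST", self.base, {}, body)  # AuthResult
        self.token_id, self.refresh_token = result["tokenId"], result["refreshToken"]
        return result["user"]

    def needs_refresh(self, now=None, margin=60):
        """True when the session expires within `margin` seconds, or carries no exp at all."""
        exp = jwt_expiry(self.token_id)
        return exp is None or exp - (time.time() if now is None else now) < margin

    def refresh(self):
        body = {"tokenId": self.token_id, "refreshToken": self.refresh_token}
        result = self.send("POST", self.base + "/refresh", {}, body)  # RefreshTokenResult
        self.token_id, self.refresh_token = result["tokenId"], result["refreshToken"]

    def profile(self):  # GET /api/auth -> UserProfileContext
        return self.send("GET", self.base, {"Authorization": f"Bearer {self.token_id}"}, None)

    def logout(self):  # DELETE /api/auth, then forget both secrets
        self.send("DELETE", self.base, {"Authorization": f"Bearer {self.token_id}"}, None)
        self.token_id = self.refresh_token = None
```

Call needs_refresh() before each request and refresh() when it returns True, so a session is renewed before the API rejects the expired tokenId.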
