JWT Bearer Authentication

API Methods

JWT Token is issued by API after successful login is performed. All subsequent requests have Authorization header with value in format Bearer {tokenId}. Successful response contains AuthResult model in response body.

Authentication

POST http://{server-address}/api/auth

User authorization based on provided credentials. User authenticates to specific device, specified by DeviceName property in request body. As result, JWT token is issued.

Request Body

Name	Type	Description
UserName*	string	Unique user name.
Password	string	User password
DeviceName*	string	The unique name of the device the user is logging into

Name

Type

Description

UserName*

string

Unique user name.

Password

string

User password

DeviceName*

string

The unique name of the device the user is logging into

{
    "tokenId": "eyJhbG....GLvNNavSk0A",
    "refreshToken": "pC73A....63GkAAEpwtWA=",
    "user": {
        "id": "635f7ae3072edfeae7c26a1e",
        "isVirtual": false,
        "name": "Majiteľ",
        "userName": "999",
        "featureName": null,
        "rights": [
            "admin"
        ],
        "device": {
            "name": "P01",
            "envName": "CashRegister",
            "description": "P01",
            "preferences": {},
            "settings": {
                "MaxQuantity": "200",
                "OpenedPrices": "false",
                "NoticeOnNegativeSale": "false",
                "VisibleQuantities": "false",
                "DefaultFiscalName": "eKasa",
                "DefaultOrderEndpointName": "",
                "DefaultStockName": "S01"
            }
        }
    }
}

{
    "title": "Nesprávne meno alebo heslo.",
    "status": 401,
    "instance": "/api/auth",
    "errorCode": "Unauthorized",
    "traceId": "0HMM3ODQRAVOG:00000002"
}

In case of need, you can get user profile associated with tokenId, using request below. Successful response contains UserProfileContext model in response body.

Get current user profile

GET http://{server-address}/api/auth

Headers

Name Type Description

Name	Type	Description
Authorization*	String	JWT token in format `Bearer {tokenId}`.

Authorization*

String

JWT token in format Bearer {tokenId}.

{
    "id": "635f7ae3072edfeae7c26a1e",
    "isVirtual": false,
    "name": "Majiteľ",
    "userName": "999",
    "featureName": null,
    "rights": [
        "admin"
    ],
    "device": {
        "name": "P01",
        "envName": "CashRegister",
        "description": "P01",
        "preferences": {},
        "settings": {
            "MaxQuantity": "200",
            "OpenedPrices": "false",
            "NoticeOnNegativeSale": "false",
            "VisibleQuantities": "false",
            "DefaultFiscalName": "eKasa",
            "DefaultOrderEndpointName": "",
            "DefaultStockName": "S01"
        }
    }
}

Each session has its expiration time (may be modified in API settings). To extends lifespan of session, you can call refresh method. Successful response contains RefreshTokenResult model in response body.

Refresh session

POST http://{server-address}/api/auth/refresh

Extends session lifespan.

Request Body

Name	Type	Description
tokenId*	String	Token ID obtained during authorization.
refreshToken*	String	Refresh token obtained during authorization.

Name

Type

Description

tokenId*

String

Token ID obtained during authorization.

refreshToken*

String

Refresh token obtained during authorization.

{
    "tokenId": "eyJhbG....GLvNNavSk0A",
    "refreshToken": "pC73A....63GkAAEpwtWA="
}

To sign out and terminate user session, send DELETE request.

Terminate session

DELETE http://{server-address}/api/auth

Logs out user.

Headers

Name Type Description

Name	Type	Description
Authorization*	string	JWT token in format `Bearer {tokenId}`.

Authorization*

string

JWT token in format Bearer {tokenId}.

{
    // Response
}

PreviousAuthentication schemes NextHMAC Authentication

Last updated 9 months ago