Users Authentication

Get access_token: Users can obtain the access token via a POST method https://apiv4.ordering.co/:version/:language/:project/auth

For increased security. The authentication generates a special token that is related to the project, user id, and the user level. The Ordering API's will automatically recognize the user based on the access token.

To learn more about the User levels please check the Users Model

What is it for?

The access token allows endpoints to be used with restrictions of user levels and authentication. This is obtained by the authentication (Authorize User Login or Social Login). Below is an example of the part of the response that contains the token:

"result": {
	...
	"session": {
	"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC8xOTIuMTY4LjEuNzI6ODA4MFwvdjQwMFwvZW5cL2FkbWluaXN0cmF0b3JcL2F1dGgiLCJpYXQiOjE1Mzg0MDQzODMsImV4cCI6MTU2OTk0MDM4MywibmJmIjoxNTM4NDA0MzgzLCJqdGkiOiJBeHV5RG5oWE9veEZ5UTF2Iiwic3ViIjoxLCJwcnYiOiJkYzg3MzkwZWNhN2ZmZGU1MDE0MmEzYmY0MThmOGRhY2ZhNWZjYTYwIiwibGV2ZWwiOjB9.VjOisUjZku5k2jYFi-J1UMXW8W7PjKWhtIDSyOyHS7o",
	    "token_type": "bearer",
	    "expires_in": 31536000
	},
	...
}

How to use it?

Once the access token is obtained, what can you do with it? The token is the key that allows you to use the restricted Ordering APIs endpoints.

This is done by adding it to the header of the request in the following way:

  • The header parameter that this parameter must contain is 'authorization'.
  • The value of 'authorization' must be the token with the word 'bearer' prefixed then space and after the token.

Thus, the authorization structure in the header would be the following:

"authorization": "bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC8xOTIuMTY4LjEuNzI6ODA4MFwvdjQwMFwvZW5cL2FkbWluaXN0cmF0b3JcL2F1dGgiLCJpYXQiOjE1Mzg0MDQzODMsImV4cCI6MTU2OTk0MDM4MywibmJmIjoxNTM4NDA0MzgzLCJqdGkiOiJBeHV5RG5oWE9veEZ5UTF2Iiwic3ViIjoxLCJwcnYiOiJkYzg3MzkwZWNhN2ZmZGU1MDE0MmEzYmY0MThmOGRhY2ZhNWZjYTYwIiwibGV2ZWwiOjB9.VjOisUjZku5k2jYFi-J1UMXW8W7PjKWhtIDSyOyHS7o"

Using Ordering SDK

   let token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC8xOTIuMTY4LjEuNzI6ODA4MFwvdjQwMFwvZW5cL2FkbWluaXN0cmF0b3JcL2F1dGgiLCJpYXQiOjE1Mzg0MDQzODMsImV4cCI6MTU2OTk0MDM4MywibmJmIjoxNTM4NDA0MzgzLCJqdGkiOiJBeHV5RG5oWE9veEZ5UTF2Iiwic3ViIjoxLCJwcnYiOiJkYzg3MzkwZWNhN2ZmZGU1MDE0MmEzYmY0MThmOGRhY2ZhNWZjYTYwIiwibGV2ZWwiOjB9.VjOisUjZku5k2jYFi-J1UMXW8W7PjKWhtIDSyOyHS7o"
   ordering.setToken(token)