OAuth Service

We provide the following flows to get access to the Emporix system:

  • Application authorization - get an access token to gain access to the system

  • Anonymous customer authorization - get an access token for an anonymous customer

  • Real customer authorization - get an access token using the customer's login credentials

  • Refresh Access Token for customer - refresh the access token of a logged-in customer

To request an access token, use the server URLs provided below.

An example authorization flow is described here:
https://emporix.atlassian.net/wiki/spaces/SOF/pages/1706360833/Storefront+authorization

This is the documentation for version 1.0 of the API. Last update on Jul 1, 2021.

Base URL
https://api-dev.emporix.io

Customer

Real customer authorization

To get an access token for a real customer, send a request with the username and password in the request body.
The anonymous access token must be sent as the Bearer token in the Authorization header.

Headers
  • Authorization Required / string

    Authorization made by providing an anonymous token value

Path parameters
  • tenant Required / string

    The name of the tenant

Body
  • email string
  • password Required / string
Responses
  • 200 object

    Real user access Token

    • accessToken string
    • expires_in integer(int32)
    • refreshToken string
    • refreshTokenExpiresIn string
    • saasToken string
POST /customer/{tenant}/login
$ curl \
 -X POST https://api-dev.emporix.io/customer/your_tenant_name/login \
 -H "Content-Type: application/json" \
 -H "Authorization: Bearer OTDHYGj8z0aILrvInlIqYQtnWgeq" \
 -d '{"email":"customer@emporix.com","password":"Qwurmdch673;'\''"}'
Request payload example
# Headers
Authorization: Bearer OTDHYGj8z0aILrvInlIqYQtnWgeq

# Payload
{
  "email": "customer@emporix.com",
  "password": "Qwurmdch673;'"
}
Response example (200)
{
  "accessToken": "CZXFASGEG@!@$!24fasASDF",
  "expiresIn": 14399,
  "refreshToken": "QBeG0XJfRqElE67U4tHJAQWrtfas1VR5eg",
  "refreshTokenExpiresIn": 86399,
  "saasToken": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIAFAFGVZE!@£$FSDVZERTNX0.BK1_F8aRMnnNN6y2Q6TVa4x_Knj3-Qojy4QsPNkHcz8"
}

Customerlogin

Anonymous customer authorization

To get an access token for an anonymous customer, send a request with client_id, tenant and session-id.
Anonymous access tokens aren't associated with a specific customer but with an anonymousId.
The token is valid for one hour. After that, a new access token must be requested.
The session-id should be generated on the tenant's side.
The client_id should be associated with the proper Apigee app.

Query parameters
  • tenant Required / string

    tenant

  • session-id Required / string

    session-id

  • client_id Required / string

    client_id

Responses
  • 200 object

    Anonymous Access Token

    • access_token string
    • expires_in integer(int32)
    • scope string
    • token_type string
GET /customerlogin/auth/anonymous
$ curl \
 -X GET "https://api-dev.emporix.io/customerlogin/auth/anonymous?tenant=your_tenant_name&session-id=nAUVUW-oCmL4xXNs5csKoNnPoBN25W&client_id=PVJMT6iQ8PrnVjLIsvGDMacqOdLJuB7H"
Response example (200)
{
  "access_token": "Zq91ySuLxLIzQ0vd0QxiC7imAIHi",
  "expires_in": 3599,
  "scope": "tenant=your_tenant_name",
  "token_type": "Bearer"
}

Oauth

Refresh Access Token for customer

To refresh the access token of a logged-in customer, provide client_id and client_secret as well as refresh_token.
You have to set the Content-Type header to the application/x-www-form-urlencoded media type.

Headers
  • Content-Type Required /

    Content-type

Body
  • client_id string
  • client_secret string
  • grant_type string
  • scope string
Responses
  • 200 object

    Access Token

    • access_token string
    • expires_in integer(int32)
    • refresh_token string
    • refresh_token_expires_in integer(int32)
    • scope string
    • token_type string
POST /oauth/refresh_token
$ curl \
 -X POST https://api-dev.emporix.io/oauth/refresh_token \
 -H "Content-Type: application/x-www-form-urlencoded" \
 --data-urlencode "client_id={clientId}" \
 --data-urlencode "client_secret={clientSecret}" \
 --data-urlencode "grant_type=refresh_token" \
 --data-urlencode "refresh_token={refresh_token}"
Request payload example
# Headers
Content-Type: application/x-www-form-urlencoded

# Payload
client_id={clientId}&client_secret={clientSecret}&grant_type=refresh_token&refresh_token={refresh_token}
Response example (200)
{
  "access_token": "5UvjlVEsU6G1NTuitcfkNBlAzUn8",
  "expires_in": 1799,
  "refresh_token": "xIMsJmuyyltCWYD7uftonNeBtSAQMldH",
  "refresh_token_expires_in": 86326,
  "scope": "customer.customer_read customer.customer_update ...",
  "token_type": "Bearer"
}

Application authorization

To get an access token using the client credentials flow, send a request with client_id and client_secret.
You have to set the Content-Type header to the application/x-www-form-urlencoded media type.
Refreshing a token is not supported for applications. When the token expires, request a new one.

Headers
  • Content-Type Required /

    Content-type

Body
  • client_id string
  • client_secret string
  • grant_type string
  • scope string
Responses
  • 200 object

    Access Token

    • access_token string
    • expires_in integer(int32)
    • refresh_token string
    • refresh_token_expires_in integer(int32)
    • scope string
    • session_idle_time integer(int32)
    • token_type string
POST /oauth/token
$ curl \
 -X POST https://api-dev.emporix.io/oauth/token \
 -H "Content-Type: application/x-www-form-urlencoded" \
 --data-urlencode "client_id={clientId}" \
 --data-urlencode "client_secret={clientSecret}" \
 --data-urlencode "grant_type=client_credentials" \
 --data-urlencode "scope={scopes}"
Request payload example
# Headers
Content-Type: application/x-www-form-urlencoded

# Payload
client_id={clientId}&client_secret={clientSecret}&grant_type=client_credentials&scope={scopes}
Response example (200)
{
  "access_token": "vkFuQ6oTwj8_Ye4eiRSsqMeqLYNeQRJi",
  "expires_in": 14399,
  "refresh_token": "",
  "refresh_token_expires_in": 0,
  "scope": "List of scopes...",
  "session_idle_time": 120,
  "token_type": "Bearer"
}
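
Added example (not part of the Emporix documentation): a client-side token lifecycle helper covering the refresh flow and the application flow above. It normalizes the camelCase login response and the snake_case OAuth responses, then decides whether to use the token, refresh it, or request a new one. The function names and the SKEW margin are assumptions made for this example.

```python
import time
from urllib.parse import urlencode

BASE_URL = "https://api-dev.emporix.io"  # base URL from this page
SKEW = 30  # assumed safety margin in seconds, not an Emporix value

def normalize(resp, now):
    """Map the camelCase login response and the snake_case OAuth
    responses onto one shape with absolute expiry times."""
    def pick(*names):
        for name in names:
            if resp.get(name) not in (None, ""):
                return resp[name]
        return None
    return {
        "access_token": pick("access_token", "accessToken"),
        "access_expires_at": now + int(pick("expires_in", "expiresIn") or 0),
        "refresh_token": pick("refresh_token", "refreshToken"),
        "refresh_expires_at": now + int(
            pick("refresh_token_expires_in", "refreshTokenExpiresIn") or 0),
    }

def next_action(tok, now):
    """Return 'use', 'refresh', or 'request_new' (log in again, or for an
    application call POST /oauth/token again: it gets no refresh token)."""
    if tok["access_token"] and now < tok["access_expires_at"] - SKEW:
        return "use"
    if tok["refresh_token"] and now < tok["refresh_expires_at"] - SKEW:
        return "refresh"
    return "request_new"

def refresh_request(client_id, client_secret, refresh_token):
    """Build POST /oauth/refresh_token with a form-urlencoded body.
    client_secret is confidential: build this server-side, never log body."""
    body = urlencode({"client_id": client_id, "client_secret": client_secret,
                      "grant_type": "refresh_token",
                      "refresh_token": refresh_token})
    return {"method": "POST", "url": BASE_URL + "/oauth/refresh_token",
            "headers": {"Content-Type": "application/x-www-form-urlencoded"},
            "body": body}

if __name__ == "__main__":
    # Constructed sample shaped like the login response example on this page.
    login = {"accessToken": "sample-access", "expiresIn": 14399,
             "refreshToken": "sample-refresh", "refreshTokenExpiresIn": "86399"}
    tok = normalize(login, time.time())
    print(next_action(tok, time.time()))             # token is fresh
    print(next_action(tok, time.time() + 14400))     # access token expired
```

The returned request dictionary can be passed to any HTTP client; keeping it as plain data makes it easy to check that the secret never reaches logs.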