Authorizing an account
To authorize an account, send the following request:
http
POST /auth/api/v1/authentication-management/sessionPOST /auth/api/v1/authentication-management/sessionjson5
{
email: 'string', //The user’s email address
signature: 'string', //The signature of the user’s email address encoded as Hex
authPublicKeyHex: 'string' //The public key of the 'Authorization' key pair encoded as Hex
}{
email: 'string', //The user’s email address
signature: 'string', //The signature of the user’s email address encoded as Hex
authPublicKeyHex: 'string' //The public key of the 'Authorization' key pair encoded as Hex
}json5
{
email: 'alice@mail.com',
signature: '0b458f758eeca3d7a2a64de0648c9b7dccaee146202257cd8ebaeb4690aa48b464108111d8cf0e7f3b0ace1b51dcda89e76d372233514f324e00d64c6b899c0e',
authPublicKeyHex: '8a53d297bc406c63396967388ecc2ebc8abd701d195a43bbb4751ac5a86eac1b'
}{
email: 'alice@mail.com',
signature: '0b458f758eeca3d7a2a64de0648c9b7dccaee146202257cd8ebaeb4690aa48b464108111d8cf0e7f3b0ace1b51dcda89e76d372233514f324e00d64c6b899c0e',
authPublicKeyHex: '8a53d297bc406c63396967388ecc2ebc8abd701d195a43bbb4751ac5a86eac1b'
}NOTE
For instructions on how to generate the signature string, see Signing user email addresses.
The authPublicKeyHex string is taken from the user's Authorization key pair on the FIB Web App Profile screen. For details, see Web App UI: 'Authorization' key pair.
Expected result
If authorization is successful, a response with the following JSON web tokens is generated:
| Field | Value Type | Description |
|---|---|---|
accessToken | string | The access token, which is later used in headers of other requests as a bearer token. |
refreshToken | string | The refresh token. |
expirationTime | integer($int64) | The exact time until which the event is considered relevant (ISO 8601: YYYY-MM-DDTHH:MM:SSZ) in seconds). |
json5
{
status: {
code: integer($int32),
name: 'string',
message: 'string'
},
data: {
accessToken: 'string',
refreshToken: 'string',
expirationTime: integer($int64)
}
}{
status: {
code: integer($int32),
name: 'string',
message: 'string'
},
data: {
accessToken: 'string',
refreshToken: 'string',
expirationTime: integer($int64)
}
}json5
{
status: {
code: 200,
name: 'OK',
message: 'User authorization has been successful.'
},
data: {
accessToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJhY2MiOiJhbGljZUB3b25kZXJsYW5kIiwic3ViIjoiYWxpY2VAbWFpbC5jb20iLCJyb2xlIjoiUk9MRV9QRUVSIiwiZXhwIjoxNzAzMTg3NDEyLCJqdGkiOiIwNjgzM2FlZi03ZDljLTQ2MTUtYTU4YS02YjYxZWZkM2FhNjEifQ.HvrukWtcA7nz5rbxWiklJOjnv4X7jaAQ7piJaxqlW5rvUv52rClqYYHSn9F-P4u6pKNlJSpiiiH0GnynXsL7CQ',
refreshToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJzdWIiOiJhbGljZUBtYWlsLmNvbSIsImFjanRpIjoiMDY4MzNhZWYtN2Q5Yy00NjE1LWE1OGEtNmI2MWVmZDNhYTYxIiwiZXhwIjoxNzAzMjczNTEyLCJqdGkiOiJhY2NkYWUzNS00ODA1LTQ5NmQtYTBiZC02Y2Y4OGI3OTBkYjkifQ.rCrbFnF5axwixq4wwURZdu_DFwFlOil9RFYkmqlLYVPoU1UpN8PlWC8Kg7QBvA-eJYVzb8yKgQ0GiIAITe3ADA',
expirationTime: 300
}
}{
status: {
code: 200,
name: 'OK',
message: 'User authorization has been successful.'
},
data: {
accessToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJhY2MiOiJhbGljZUB3b25kZXJsYW5kIiwic3ViIjoiYWxpY2VAbWFpbC5jb20iLCJyb2xlIjoiUk9MRV9QRUVSIiwiZXhwIjoxNzAzMTg3NDEyLCJqdGkiOiIwNjgzM2FlZi03ZDljLTQ2MTUtYTU4YS02YjYxZWZkM2FhNjEifQ.HvrukWtcA7nz5rbxWiklJOjnv4X7jaAQ7piJaxqlW5rvUv52rClqYYHSn9F-P4u6pKNlJSpiiiH0GnynXsL7CQ',
refreshToken: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSJ9.eyJzdWIiOiJhbGljZUBtYWlsLmNvbSIsImFjanRpIjoiMDY4MzNhZWYtN2Q5Yy00NjE1LWE1OGEtNmI2MWVmZDNhYTYxIiwiZXhwIjoxNzAzMjczNTEyLCJqdGkiOiJhY2NkYWUzNS00ODA1LTQ5NmQtYTBiZC02Y2Y4OGI3OTBkYjkifQ.rCrbFnF5axwixq4wwURZdu_DFwFlOil9RFYkmqlLYVPoU1UpN8PlWC8Kg7QBvA-eJYVzb8yKgQ0GiIAITe3ADA',
expirationTime: 300
}
}If authorization is unsuccessful, refer to API Specification > Authorizing a user in the system: Responses for a list of possible reasons.