Versions Compared

Old Version 76

changes.mady.by.user Jason Andrew

Saved on

compared with

New Version Current

changes.mady.by.user Jason Andrew

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Status
colourGreen
title3.20.0

The Authentication REST API Interface defines the REST API interface which customers will need to implement in their own authentication system, if they would like to integrate their own user authentication system with ServiceMobility. 

By implementing an API which matches the Authentication REST API Interface, customers can configure ServiceMobility (via the Entity System Configuration object) so that calls made to the Create JWT REST API are passed through to their own user authentication system, instead of using user authentication details stored in ServiceMobility.


Panel
borderColorgrey
bgColorwhitesmoke
borderStylesolid

On this page:

Table of Contents
maxLevel2

Related pages:


Resource URL Summary

Panel
borderColorgrey
bgColorwhitesmoke
borderStylesolid

Create JWT Token

POST <REST Endpoint URI>

HTTP Headers

HTTP HeaderValue
Content-Typeapplication/json



API Specifics


Panel
borderColor#D3D3D3

Create JWT Token

This REST API must authenticate user's credentials. If the credentials passed in are verified, then this API must return a valid JWT, which ServiceMobility will then use to allow access other REST APIs.

URL

Panel
borderColorgrey
bgColorwhitesmoke
borderStylesolid

POST <REST Endpoint URI>

HTTP Request Body

The HTTP will contain a valid Authentication Object.

HTTP Response

Response Codes

HTTP CodeDescription
200OK. Credentials were verified and a valid JWT was returned.
401Invalid Logon.
500Server error. An error occurred while processing the request. The HTTP response body should have more details as to the possible cause.

On success, an HTTP response code of 200 must be returned, and the response body must contain a valid JWT token. 

Response Object Format

Code Block
languagejs
{
	"token": ""
}

Response Object Properties

(info) Required properties are in bold.

PropertyDescription
token

The token property, in the returned response will be used for all subsequent REST API calls. ServiceMobility supports the HMAC SHA256 hashing algorithm for the JWT token. The JWT token must include registered and optional private claims in the payload.

Header: Algorithm & Token Type


ClaimDescriptionFormat
algHashing AlgorithmString ("HS256")
typType of the tokenString ("JWT")


 Payload: Data
Registered Claims
ClaimDescriptionFormat
expExpiration TimeNumber of seconds since Epoch (1970-01-01T00:00:00Z UTC) until the specified UTC date (and time).
iatIssued AtNumber of seconds since Epoch (1970-01-01T00:00:00Z UTC) until the specified UTC date (and time).
Private Claims (Optional)
ClaimDescriptionFormat
nameName for the authorized user requesting JWT token.String
emailEmail address of the user.String
expdbExpiry Dead Band. This private claim will allow a mobile worker to remain logged into the mobile application through the auto-login process even after the expiration of JWT token. The mobile application will not have ability to communicate with the back office when a mobile worker is logged with expired JWT.Number of minutes