close
#Authentication
This part of the API allows you to achieve JSAT's two-way authentication.
#Create a callback
- Route: /subscribe/auth/callback
- Method: POST
Step 1 of our two-way authentication flow.
This flow requires the creation of a callbackId from the provider that
will be used by the consumer to redirect the user once it's signed in on
both sides. Thus, the provider can also become a consumer if the consumer
implements the same flow in the opposite way.
The callbackId can be granted using two methods:
- password: This first signs the user then attach the callback ownership
- bearer: This uses the "Authorization" header to recognize an already authenticated user and automatically attach the callback ownership to it (deprecated, not documented)
Both methods also need a redirectUri to redirect the user once it's authenticated.
| Body parameters | |
|---|---|
grantType Type: StringAccepted values: 'password' | Required |
redirectUri Type: String | Required |
username Type: String | Username |
password Type: String | Password |
#Verify a callback
- Route: /subscribe/auth/token
- Method: POST
This endpoints is the second part of our two-way authentication flow.
It allows to verify a callback previously created using
createCallback.