authenticateWithJwt

@POST(value = jwtAuthenticate)
abstract suspend fun authenticateWithJwt(@Body() jwtAuthenticateRequestDto: JwtAuthenticateRequestDto): Response<JwtAuthenticateResponseDto>

Authentication using JWT.

Allows clients to authenticate and acquire an access token using a JSON Web Token.

If successful, the response includes a user or client access token which can be used as a session token for other authenticated endpoints in the Sensibill API.

There are two types of access tokens: user tokens and client tokens. Passing in your clientID in the 'sub' claim (or individual ID claim field) of your JWT will return a client access token. Passing a user's access ID in your ID Claim field will return a user access token instead.

Your client account must be configured to allow JWT (please reach out to the Sensibill Support Team). The API supports JWS and JWE as JWT implementations.

JWS currently supports RSA and ECDSA signing algorithms (RS256, RS384, RS512, ES256, ES384, ES512). Public keys for signature verification should be made available through a publicly accessible URL. The JWS header must have 'alg' and 'kid' parameters and the payload must have at least 'sub' and 'iat' claims. The 'sub' claim is used to identify either a user or a client. If you want to use another claim for that purpose, it can be configured during the client account setup. The JWS implementation also supports 'exp', 'aud', 'iss' and 'scp' claims. If those claims need to be validated, they should be configured as part of the client account setup.

JWE currently supports RSAES OAEP using default parameters ('alg': RSA-OAEP) for encrypting the Content Encryption Key (CEK) and AES GCM using a 256-bit key ('enc': A256GCM) for encrypting the content. Please reach out to the Sensibill Support Team to receive Sensibill's public key to be used for JWT encryption. The JWE's content is expected to be a JWS conforming to the JWS requirements mentioned earlier.

The response also returns a token_id. This cannot be used for authenticating regular requests, but is required for using our query parameter based signature method.

Responses:

  • 200: Success. Use the token in the body for other authenticated calls as this user.

  • 400: Bad Request. This will occur if you omit a required parameter, or if you provide an invalid value for a required parameter.

  • 401: Unauthorized. This will occur if the credentials you have provided are invalid.
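
The JWS requirements described above, as an added example that is not part of the Sensibill SDK: an RS256 token carrying the required 'alg' and 'kid' header parameters and 'sub' and 'iat' claims, built and verified with JDK classes only. The function names, the throwaway key pair and the `kid` and `sub` values are constructed for illustration.

```kotlin
import java.security.KeyPairGenerator
import java.security.PrivateKey
import java.security.PublicKey
import java.security.Signature
import java.util.Base64

// JWS compact serialization uses base64url without padding.
private fun enc(bytes: ByteArray): String =
    Base64.getUrlEncoder().withoutPadding().encodeToString(bytes)

// Escapes backslash and double quote only; enough for the simple identifiers used here.
private fun jsonString(s: String): String =
    "\"" + s.replace("\\", "\\\\").replace("\"", "\\\"") + "\""

/** Builds an RS256 JWS with 'alg' and 'kid' in the header and 'sub' and 'iat' in the payload. */
fun buildJws(key: PrivateKey, kid: String, sub: String, iatSeconds: Long): String {
    val header = """{"alg":"RS256","kid":${jsonString(kid)}}"""
    val payload = """{"sub":${jsonString(sub)},"iat":$iatSeconds}"""
    val signingInput = enc(header.toByteArray(Charsets.UTF_8)) + "." +
        enc(payload.toByteArray(Charsets.UTF_8))
    // RS256 is RSASSA-PKCS1-v1_5 with SHA-256 over the ASCII signing input.
    val sig = Signature.getInstance("SHA256withRSA").run {
        initSign(key)
        update(signingInput.toByteArray(Charsets.US_ASCII))
        sign()
    }
    return "$signingInput.${enc(sig)}"
}

/** Checks the signature as a holder of the published public key would. */
fun verifyJws(jws: String, key: PublicKey): Boolean {
    val parts = jws.split(".")
    if (parts.size != 3) return false
    return Signature.getInstance("SHA256withRSA").run {
        initVerify(key)
        update("${parts[0]}.${parts[1]}".toByteArray(Charsets.US_ASCII))
        verify(Base64.getUrlDecoder().decode(parts[2]))
    }
}

fun main() {
    // Constructed throwaway key pair; a production signing key belongs in a key store.
    val pair = KeyPairGenerator.getInstance("RSA").apply { initialize(2048) }.generateKeyPair()
    val jws = buildJws(pair.private, "example-key-1", "example-client-id",
        System.currentTimeMillis() / 1000)
    println(jws)
    println("signature valid: " + verifyJws(jws, pair.public))
}
```

The `kid` value has to match the key published at the URL configured for the client account, since that is how the verifier selects the public key.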

Parameters

jwtAuthenticateRequestDto