Authentication
All private endpoint are protected by Authentication mechanism, where User or Platform must provide Authorization Header in order to access the resource.
Authorization Header
Authorization: Bearer <token>
MoneyNS provide 2 types of Authentication mechanisms:
1. User Authentication
In this case, user must hit POST: /api/v1/authenticate endpoint with required parameters in order to receive User ID and ID (Token), required for later authorization for private endpoints.
Request Payload
{
"email": "john@email.com",
"password": "xxxxxxxx"
}
Request Response
{
"data": {
"id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"ttl": 1209600,
"until": "2020-10-02T10:48:35.753516Z",
"created": "2020-09-18T10:48:35.753560Z"
}
}
2. Platform Authentication
In this case, platform must hit POST: /api/v1/authenticate-jwt/{platform} endpoint with required parameters in order to receive User ID and ID (Token), required for later authorization for private endpoints.
This endpoint do not require any payload, except the Token: <token>
Header, that will be generated using provided Platform details.
Request Token Payload (RS512 encrypted with JWT Public and private)
{
"email": "john@email.com",
"expire": 123456789
}
Request Response
{
"data": {
"id": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"userId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"ttl": 1209600,
"until": "2020-10-02T10:48:35.753516Z",
"created": "2020-09-18T10:48:35.753560Z"
}
}
Response Payload
Property | Details |
---|---|
id | Represents the Bearer <token> that will be used to authorize requests on protected endpoints |
userId | Represents the User ID that will be used on all protected endpoints |
ttl | Represents seconds of Bearer <token> availability |
until | Represents the Date until the Bearer <token> is valid |
created | Represents the Date the TokenBearer <token> was created |
If this do not answer your questions, please do not hesitate to contact us at contact@cryptocoin.pro.