The sign-in process transmits the user's credentials (username and password) to the server once. On successful authentication the server issues time-limited tokens that let the client access secured resources without sending the credentials again on every request.

Detailed Process

  1. Initiating Sign-In:

    • The user initiates the sign-in process by sending a request to the POST /reg/auth/token endpoint.
    • Request URL:
      POST /reg/auth/token
      
  2. Request Payload:

    • The user includes their credentials in a JSON request body. Because this body carries the plaintext password, the request must only ever be sent over TLS.
    • Note that grant_type "password" is the OAuth 2.0 resource-owner password credentials grant, which hands the user's password to the client application; the OAuth 2.0 Security Best Current Practice (RFC 9700) states it must not be used in new deployments, so prefer a redirect-based flow where the client can support one.
    • Example Request Body:
      {
        "grant_type": "password", //type of grant being used; "password" means the user's own credentials are exchanged for tokens.
        "password": "A9#bL8@z", //user's password.
        "username": "[email protected]", //user's username or e-mail address.
        "client_id": "haequi3Aah8lie2r" //identifier of the client application requesting the token.
      }
      
  3. Server Verification:

    • The server receives the request and verifies the provided credentials.
    • If authentication is successful, the server generates two types of tokens:
      • Access Token: This token is used to access secured resources.
      • Refresh Token: This token allows the user to obtain a new access token without requiring them to sign in again.
  4. Response:

    • The server responds with the tokens.
    • Example Response:
      {
        "access_token": "eyJQiLCJhbUgdXNlJ2JNK1I3vwC2H9-mVdrU", //the token presented on subsequent requests from the user.
        "token_type": "Bearer", //how the access token is presented: in the Authorization header as "Bearer <access_token>".
        "refresh_token": "eyJQiLCJhbUgdXNlJ2JNK1I3vwC2H9-mVdrU", //token used to obtain a new access token without re-authenticating.
        "scope": "accounts:create accounts:read top_up_account:show top_up_bank_card:show top_up_crypto:show top_up_bank:show top_up_atm_gcp_qr:show withdraw_account:show withdraw_bank:show withdraw_crypto:show withdraw_atm_gcp_qr:show exchange:show accounts:show withdraw_other_account:show deposit:read deposit_crypto:create deposit_bank:create deposit_atm:create transfer:read transfer_own:create transfer_other:create exchange:read exchange:create withdraw:read withdraw_crypto:create withdraw_bank:create withdraw_atm:create withdraw_ips:show cardholder_user:read cardholder_user:write user_phone:write user_email:write user_email:create user_phone:create user_mfa:read user_mfa:create counterparty:create counterparty:read", //space-separated list of the permissions granted to this access token.
        "expires_in": 86400, //lifetime of the access token in seconds (here 24 hours).
        "user_id": "usr:74177c2d-11b5-4536-af4e-485dfd078cc1" //unique identifier of the authenticated user.
      }
      
  5. Token Usage:

    • The client sends the access_token on every subsequent request to a secured resource, in the Authorization header as "Bearer <access_token>".
    • When the access token expires, the client uses the refresh_token to obtain a new access token without asking the user to sign in again. Because the refresh token is the long-lived credential, store it as carefully as the password itself and send it only to the token endpoint, never to resource servers.
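The five steps above as one runnable client, added here as an illustration rather than code from the original page or its API: a small in-memory stand-in for the token endpoint so the exchange runs offline, a client that signs in, attaches the Bearer header, and refreshes when the access token is about to expire, plus a check that a replayed refresh token is refused. Assumptions: the transport is a plain callable (method, path, headers, body) returning (status, body), so a real client would plug an HTTPS call in there; the refresh request uses the standard OAuth 2.0 refresh_token grant at the same endpoint, since the page describes refreshing but does not show that request; the server stand-in rotates refresh tokens on every use; the username, the "at-N"/"rt-N" token values and the two-scope list are constructed.

```python
import hmac
import json
import time
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Optional, Tuple

TOKEN_PATH = "/reg/auth/token"
Transport = Callable[[str, str, Dict[str, str], bytes], Tuple[int, bytes]]

@dataclass
class TokenSet:
    access_token: str
    refresh_token: str
    scope: FrozenSet[str]
    expires_at: float  # absolute time, computed from expires_in when the response arrived

def parse_token_response(body: bytes, now: float) -> TokenSet:
    """Reject, rather than default, a response with missing fields, a non-Bearer type or a bad lifetime."""
    data = json.loads(body)
    missing = [k for k in ("access_token", "token_type", "refresh_token", "expires_in") if k not in data]
    if missing:
        raise ValueError(f"token response missing {missing}")
    if str(data["token_type"]).lower() != "bearer" or int(data["expires_in"]) <= 0:
        raise ValueError("token_type must be Bearer and expires_in must be positive")
    return TokenSet(data["access_token"], data["refresh_token"],
                    frozenset(str(data.get("scope", "")).split()), now + int(data["expires_in"]))

class AuthClient:
    """Owns the token set; callers only ever get auth_header(), never the refresh token."""
    def __init__(self, transport: Transport, client_id: str,
                 clock: Callable[[], float] = time.time, skew: float = 30.0):
        self._transport, self._client_id, self._clock, self._skew = transport, client_id, clock, skew
        self._tokens: Optional[TokenSet] = None
    def _token_request(self, payload: dict) -> TokenSet:
        status, body = self._transport("POST", TOKEN_PATH, {"Content-Type": "application/json"},
                                       json.dumps(payload).encode())
        if status != 200:
            raise PermissionError(f"token endpoint returned {status}: {body.decode(errors='replace')}")
        self._tokens = parse_token_response(body, self._clock())
        return self._tokens
    def sign_in(self, username: str, password: str) -> TokenSet:
        # Steps 1-2: the password is transmitted exactly once, in this request.
        return self._token_request({"grant_type": "password", "username": username,
                                    "password": password, "client_id": self._client_id})
    def _refresh(self) -> TokenSet:
        # Assumed: the standard OAuth 2.0 refresh_token grant (RFC 6749 section 6) at the same
        # endpoint; the page describes refreshing but does not show the request itself.
        return self._token_request({"grant_type": "refresh_token", "client_id": self._client_id,
                                    "refresh_token": self._tokens.refresh_token})
    def auth_header(self) -> Dict[str, str]:
        # Step 5: Bearer header for a resource request; refresh first if expired or within `skew` seconds of it.
        if self._tokens is None:
            raise PermissionError("not signed in")
        if self._clock() >= self._tokens.expires_at - self._skew:
            self._refresh()
        return {"Authorization": f"Bearer {self._tokens.access_token}"}

def make_fake_server(username: str, password: str, client_id: str) -> Transport:
    """Constructed server stand-in: checks credentials, issues numbered tokens, rotates refresh tokens."""
    state = {"n": 0, "live": set()}  # live = refresh tokens issued but not yet used
    def issue() -> Tuple[int, bytes]:
        n = state["n"] = state["n"] + 1
        state["live"].add(f"rt-{n}")
        return 200, json.dumps({"access_token": f"at-{n}", "token_type": "Bearer", "refresh_token": f"rt-{n}",
                                "scope": "accounts:read accounts:create", "expires_in": 86400}).encode()
    def transport(method: str, path: str, headers: Dict[str, str], body: bytes) -> Tuple[int, bytes]:
        req = json.loads(body)
        if (method, path) != ("POST", TOKEN_PATH) or req.get("client_id") != client_id:
            return 401, b'{"error":"invalid_client"}'
        if req.get("grant_type") == "password":
            ok = req.get("username") == username and hmac.compare_digest(
                str(req.get("password", "")).encode(), password.encode())  # constant-time compare
            return issue() if ok else (401, b'{"error":"invalid_grant"}')
        if req.get("grant_type") == "refresh_token":
            if req.get("refresh_token") not in state["live"]:
                return 401, b'{"error":"invalid_grant"}'  # unknown, or already used once
            state["live"].discard(req["refresh_token"])   # single use: replaying it is refused
            return issue()
        return 400, b'{"error":"unsupported_grant_type"}'
    return transport

def demo() -> dict:
    """Steps 1-5 end to end: bad password, sign in, use, near-expiry refresh, replayed refresh token."""
    cid, user, pw = "haequi3Aah8lie2r", "alice@example.test", "A9#bL8@z"  # username is constructed
    clock = {"t": 1_700_000_000.0}  # injectable clock so expiry can be simulated
    server = make_fake_server(user, pw, cid)
    client = AuthClient(server, cid, clock=lambda: clock["t"])
    try:
        client.sign_in(user, "wrong-password")
        rejected = False
    except PermissionError:
        rejected = True
    first = client.sign_in(user, pw)
    before = client.auth_header()["Authorization"]
    clock["t"] = first.expires_at - 10                 # inside the skew window: next call refreshes
    after = client.auth_header()["Authorization"]
    replay = {"grant_type": "refresh_token", "refresh_token": first.refresh_token, "client_id": cid}
    status, _ = server("POST", TOKEN_PATH, {}, json.dumps(replay).encode())
    return {"wrong_password_rejected": rejected, "before": before, "after": after,
            "replay_status": status, "scope_count": len(first.scope)}
```

Two design points worth copying into a real client: the clock is injected so the refresh-before-expiry path can be exercised in a test without waiting a day, and the refresh token never leaves the AuthClient, which is the property that makes "store it as carefully as the password" enforceable rather than advisory.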

Benefits

  • Security: the password is transmitted only once, at sign-in. Everything afterwards carries a time-limited access token, so a leaked access token stops working when it expires, and the longer-lived refresh token is only ever sent to the token endpoint.
  • User Experience: Continuous access to protected resources improves the user experience by reducing the need for repeated sign-ins.

This approach provides a secure and seamless way to manage user authentication and access to resources.