Sign in
The Sign-In process allows users to authenticate securely by transmitting their credentials to the server, which issues temporary tokens. These tokens enable access to secured resources without requiring reauthentication for each request.
Step 1: Initiating Sign-In
Users must send a request to the OAuth2.0 Token Service endpoint.
Key Requirements:
- Set grant_type to password to specify that user credentials are being used for authentication.
Request Details
Endpoint:
POST /reg/auth/token
Example Request Body:
{
"grant_type": "password",
"password": "A9#bL8@z",
"username": "[email protected]",
"client_id": "haequi3Aah8lie2r"
}
Request Fields Description
Field | Type | Required | Description |
---|---|---|---|
grant_type | string | Yes | Specifies the type of authentication grant requested, e.g., password. |
password | string | Yes | User's password. |
username | string | Yes | Email of the user. |
client_id | string | Yes | Unique identifier for the client application. Provided by your Key Account Manager. |
Step 2: Authentication and Token Issuance
The server validates the provided credentials.
If authentication is successful, the server generates the following tokens:
- Access Token: Grants access to secured resources.
- Refresh Token: Enables the user to obtain a new access token without reauthentication.
Example Response
{
"access_token": "eyJQiLCJhbUgdXNlJ2JNK1I3vwC2H9-mVdrU",
"token_type": "Bearer",
"refresh_token": "eyJQiLCJhbUgdXNlJ2JNK1I3vwC2H9-mVdrU",
"scope": "accounts:create accounts:read top_up_account:show top_up_bank_card:show top_up_crypto:show top_up_bank:show top_up_atm_gcp_qr:show withdraw_account:show withdraw_bank:show withdraw_crypto:show withdraw_atm_gcp_qr:show exchange:show accounts:show withdraw_other_account:show deposit:read deposit_crypto:create deposit_bank:create deposit_atm:create transfer:read transfer_own:create transfer_other:create exchange:read exchange:create withdraw:read withdraw_crypto:create withdraw_bank:create withdraw_atm:create withdraw_ips:show cardholder_user:read cardholder_user:write user_phone:write user_email:write user_email:create user_phone:create user_mfa:read user_mfa:create counterparty:create counterparty:read",
"expires_in": 86400,
"user_id": "usr:74177c2d-11b5-4536-af4e-485dfd078cc1"
}
Step 3: Using the Tokens
The access_token is included in subsequent requests to access secured resources.
When the access_token expires, the refresh_token is used to obtain a new one without requiring the user to sign in again.
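A client-side sketch of Steps 1 to 3, added here as an example and not code from the API provider: it builds the sign-in request, parses the token response into an object that keeps both tokens out of log output, and tracks expiry so the caller knows when to refresh. The names build_sign_in_request and TokenSet are hypothetical; the JSON content type, the Authorization: Bearer header (standard RFC 6750 usage) and the 60-second refresh margin are assumptions not stated on this page.

```python
import json
import time
from dataclasses import dataclass, field

TOKEN_PATH = "/reg/auth/token"  # endpoint documented on this page

def build_sign_in_request(base_url, username, password, client_id):
    """Return (url, headers, body) for the Step 1 password-grant request."""
    if not base_url.startswith("https://"):
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    body = {"grant_type": "password", "username": username,
            "password": password, "client_id": client_id}
    # Assumption: JSON content type, inferred from the JSON example body.
    headers = {"Content-Type": "application/json"}
    return base_url.rstrip("/") + TOKEN_PATH, headers, json.dumps(body)

@dataclass(frozen=True)
class TokenSet:
    access_token: str = field(repr=False)   # repr=False keeps secrets out of logs
    refresh_token: str = field(repr=False)
    scopes: frozenset                        # granted scopes, split on spaces
    expires_at: float                        # absolute deadline, epoch seconds
    user_id: str

    @classmethod
    def from_response(cls, raw, now=None, skew=60):
        """Parse the Step 2 response; skew refreshes slightly before expiry."""
        data = json.loads(raw)
        if str(data.get("token_type", "")).lower() != "bearer":
            raise ValueError("unexpected token_type")
        now = time.time() if now is None else now
        return cls(data["access_token"], data["refresh_token"],
                   frozenset(data.get("scope", "").split()),
                   now + int(data["expires_in"]) - skew, data["user_id"])

    def needs_refresh(self, now=None):
        return (time.time() if now is None else now) >= self.expires_at

    def auth_header(self, now=None):
        """Assumption: standard Bearer usage (RFC 6750) in Authorization."""
        if self.needs_refresh(now):
            raise RuntimeError("access token expired; use the refresh token")
        return {"Authorization": "Bearer " + self.access_token}

# Constructed sample response in the shape shown under Step 2 (not real tokens).
SAMPLE = json.dumps({"access_token": "constructed-access", "token_type": "Bearer",
                     "refresh_token": "constructed-refresh", "expires_in": 86400,
                     "scope": "accounts:read transfer:read",
                     "user_id": "usr:00000000-0000-0000-0000-000000000000"})
```

The password is only passed through to the request body and is never stored on the TokenSet, so after sign-in the client holds tokens only.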
Benefits of This Approach
Enhanced Security
Tokens reduce the need for frequent reauthentication, lowering the risk of exposing user credentials.
Improved User Experience
Users can maintain continuous access to resources without repeated interruptions for reauthentication.