Authentication
The authentication endpoints are used to manage access to the xAPI session.
Categories:
Note
Refer to Session Management and Configuration for more information on xAPI access.Log into the xAPI
POST /authentication/login
Sending this endpoint logs the user in and starts a new xAPI session. Two tokens are returned: the session token and a refresh token.
Payload
Required
| Key | Type | Description |
|---|---|---|
UserID |
string | xAPI user ID defined in EPASS. |
Password |
string | User ID password. |
OrganizationID |
string | Your orginization ID. |
ApplicationName |
string | The name of your application that is accessing EPASS via the xAPI. Note: This is a freeform field that is not validated by the xAPI. |
Optional
| Key | Type | Description |
|---|---|---|
BranchCode |
string | The store branch code. Branch codes are located in EPASS at Tools > System Maintenance > Tables > Branch. |
TerminalCode |
string | The Terminal code. You can locate this code in EPASS at Tools > System Maintenance > Tables > Branch. Select the branch code, and then click Terminals. |
Sample: Logging In
POST /authentication/login
{
"UserId": "CGN",
"Password": "12345",
"OrganizationId": "ACME APPLIANCE",
"ApplicationName": "ACME WEBSTORE APP",
"BranchCode": "001",
"TerminalCode": "default"
}
{
"successful": true,
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"tokenExpiry": "2022-01-25T10:03:00.2225716-08:00",
"additionalMessages": "Login successful.",
"refreshToken": "bHVOZAuXqkQVieTobFgAjOnqh",
"refreshExpiry": "2022-01-25T10:03:00.2227206-08:00"
}
{
"successful": false,
"token": null,
"tokenExpiry": null,
"additionalMessages": "Invalid user or password.",
"refreshToken": null,
"refreshExpiry": "0001-01-01T00:00:00"
}
Refresh Your Login Tokens
PUT /authentication/tokenrefresh
This endpoint returns new session and refresh tokens.
Payload
| Key | Type | Description |
|---|---|---|
CurrentToken |
string | Your session token. |
RefreshToken |
string | Your refresh token. |
Sample: Refreshing Your Login Tokens
PUT /authentication/tokenrefresh
{
"CurrentToken": "123456789",
"RefreshToken": "987654321"
}
{
"successful": true,
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ",
"tokenExpiry": "2022-01-26T15:05:15.6413881-08:00",
"additionalMessages": "Refresh successful.",
"refreshToken": "IqXRYpohZhg6Zvd9DXpvcGt6N",
"refreshExpiry": "2022-01-26T15:05:15.6415093-08:00"
}
{
"successful": false,
"token": null,
"tokenExpiry": null,
"additionalMessages": "An error occured attempting to parse the users session token. The message returned was: \"IDX12709: CanReadToken() returned false. JWT is not well formed: 'System.String'.\nThe token needs to be in JWS or JWE Compact Serialization Format. (JWS): 'EncodedHeader.EndcodedPayload.EncodedSignature'. (JWE): 'EncodedProtectedHeader.EncodedEncryptedKey.EncodedInitializationVector.EncodedCiphertext.EncodedAuthenticationTag'.\"",
"refreshToken": null,
"refreshExpiry": "0001-01-01T00:00:00"
}
Validate Your Tokens
GET /authentication/tokenvalidate
This endpoint validates your session and refresh tokens. If both tokens are valid, a confirmation message is returned.
Sample: Validating Your Tokens
GET /authentication/tokenvalidate
{
"success": true,
"warning": false,
"httpStatusCode": 0,
"generalMessage": "Token is valid.",
"exceptionMessage": null,
"keys": [],
"messages": [],
"warnings": []
}
{
"StackTrace": null,
"Message": "Token expired.",
"Data": {},
"InnerException": null,
"HelpLink": null,
"Source": "Establish sesssion from token.",
"HResult": -2146233088
}
Log Out of the xAPI
DEL /authentication/logout
This endpoint logs you out of the xAPI by invalidating your tokens and ending the xAPI session.
Sample: Logging Out of the xAPI
DELETE /authentication/logout
{
"success": true,
"warning": false,
"httpStatusCode": 0,
"generalMessage": "Session was found and removed successfully.",
"exceptionMessage": null,
"keys": [],
"messages": [],
"warnings": []
}
Feedback
Was this page helpful?
Thank you! Have additional feedback? We would love to hear from you!
Sorry to hear that. Please tell us how we can improve.