HTTP API: Signin and Authenticate

This article describes the Signin and Authenticate API calls. Two use cases apply:

  1. User is logged in to an external system and is routed to Signifikant

  2. User is not logged in but uses Signifikant anonymously, and decides at a later time to log in to get prices, place orders, etc.

1. User moves to Signifikant from an external system

In this use case a session id is sent with the call to Signifikant to identify the session and the user. The call is: http://server/SignifikantWeb/language/site/Account/Authenticate?sessionId=abc123def

  1. server: the address of the server

  2. language: the user's language code as defined for the current user; se-SE, en-GB etc.

  3. site: the publication/database to display

  4. sessionId: identifies the user/session in the external system. It is preserved for the user session and is used in the Authenticate call to fetch the user properties into Signifikant.

2. User is active in Signifikant and wishes to log in

By logging in, the user may get prices and can later place an order, for which the user needs to be identified. Signifikant calls the external system, which can present a login dialog etc. to make the user identify himself. Once the login has succeeded, the external system calls Signifikant as in the use case above, providing the sessionId. Signifikant then issues the Authenticate call to fetch the user properties.

Signifikant login dialog

A login dialog is presented in Signifikant, and the user's name and password are sent to the back-end system's SignIn function for verification. If all is well, a user record with a session id is returned to Signifikant and the user is logged in.

External login procedure

A link to an external login handler is configured in Signifikant. A return URL (returnUrl) is passed as a parameter to record where the user was positioned when the login was started.

The external system performs its login routine and, when all is well, calls Signifikant Authenticate. This is the same call as in case 1 above.

SignIn

URI

/Signin

URL Structure

https://host/api/Order/Signin

HTTP Method

GET /Signin

Default format

JSON

Description

Signifikant calls the Signin function when a user decides to sign in, in order to be able to place an order at a later time. The back-end system performs the sign-in procedure and returns a user record to Signifikant.

JSON structure sample

RequestUri

https://host/API/Order/Signin?UserName=user&Password=secretword

Response

{
  "SessionId": "aabbcc112233",
  "User": {
    "UserName": "thsa",
    "Title": "mr",
    "FirstName": "Thomas",
    "LastName": "Sandström",
    "Email": "thomas.sandstrom@signifikant.se",
    "PhoneNumber": "+46768580016",
    "BillingAddress": null,
    "ShippingAddress": null,
    "Currency": null,
    "Country": "SE",
    "Organization": null,
    "CustomerNumber": "12345",
    "CustomerName": "Company Inc",
    "CallCenterUser": null,
    "Groups": ["Guest", "Admin"],
    "Properties": [
      { "Key": "Key1", "Value": "Value1", "Type": "Type1" },
      { "Key": "Market", "Value": "Europe", "Type": null }
    ]
  },
  "StatusCode": "Ok",
  "Message": null,
  "HtmlMessage": null,
  "Properties": []
}
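Parsing the user record above on the receiving side, as an added Python example (not Signifikant's code). It accepts the Ok and Unauthenticated outcomes, rejects anything else, flattens User.Properties into a dict with duplicate keys refused, and picks out the price list, warehouse and market properties using the price-group, warehouse and market settings from the Configuration section below. The sample response is embedded as a constructed string, and the three property key names are assumptions, since the page does not give their values.

```python
import json
from dataclasses import dataclass
from typing import Dict, List, Optional, Union

# Constructed sample: the Signin response from this page, embedded so the example runs offline.
SAMPLE_SIGNIN_RESPONSE = """
{ "SessionId": "aabbcc112233",
  "User": { "UserName": "thsa", "Title": "mr", "FirstName": "Thomas", "LastName": "Sandström",
            "Email": "thomas.sandstrom@signifikant.se", "PhoneNumber": "+46768580016",
            "BillingAddress": null, "ShippingAddress": null, "Currency": null, "Country": "SE",
            "Organization": null, "CustomerNumber": "12345", "CustomerName": "Company Inc",
            "CallCenterUser": null, "Groups": ["Guest", "Admin"],
            "Properties": [ { "Key": "Key1", "Value": "Value1", "Type": "Type1" },
                            { "Key": "Market", "Value": "Europe", "Type": null } ] },
  "StatusCode": "Ok", "Message": null, "HtmlMessage": null, "Properties": [] }
"""

# Assumed profile.config values for the price-group / warehouse / market settings
# (the page names the settings but not their values).
PROPERTY_KEYS = {"price-group": "PriceGroup", "warehouse": "Warehouse", "market": "Market"}


@dataclass
class UserRecord:
    session_id: str
    user_name: str
    groups: List[str]
    properties: Dict[str, Optional[str]]   # "Key" -> "Value" from User.Properties
    price_group: Optional[str]
    warehouse: Optional[str]
    market: Optional[str]


@dataclass
class LoginRedirect:
    redirect_url: str   # external login dialog address from an Unauthenticated response


def properties_to_dict(items) -> Dict[str, Optional[str]]:
    """Flatten the [{Key, Value, Type}, ...] list. A repeated Key is an error rather than a
    silent overwrite, so a malformed record cannot quietly swap e.g. the market."""
    out: Dict[str, Optional[str]] = {}
    for item in items or []:
        key = item["Key"]
        if not isinstance(key, str) or key in out:
            raise ValueError(f"bad or duplicate property key: {key!r}")
        out[key] = item.get("Value")
    return out


def parse_user_response(body: str, property_keys=PROPERTY_KEYS) -> Union[UserRecord, LoginRedirect]:
    """Interpret a Signin/Authenticate response: Ok -> UserRecord, Unauthenticated -> LoginRedirect;
    any other status, or an Ok without a usable SessionId/UserName, is rejected."""
    data = json.loads(body)
    status = data.get("StatusCode")
    if status == "Unauthenticated":
        return LoginRedirect(redirect_url=str(data["RedirectUrl"]))
    if status != "Ok":
        raise ValueError(f"unexpected StatusCode: {status!r}")
    session_id = data.get("SessionId")
    if not isinstance(session_id, str) or not session_id.strip():
        raise ValueError("Ok response without a SessionId")
    user = data.get("User") or {}
    if not isinstance(user.get("UserName"), str):
        raise ValueError("Ok response without User.UserName")
    props = properties_to_dict(user.get("Properties"))
    return UserRecord(
        session_id=session_id,
        user_name=user["UserName"],
        groups=[str(g) for g in user.get("Groups") or []],
        properties=props,
        price_group=props.get(property_keys["price-group"]),
        warehouse=props.get(property_keys["warehouse"]),
        market=props.get(property_keys["market"]),
    )


if __name__ == "__main__":
    rec = parse_user_response(SAMPLE_SIGNIN_RESPONSE)
    print(rec.user_name, rec.groups, rec.market)
```

With the sample above only Market resolves; price_group and warehouse stay None because the record carries no property under the assumed key names, which is the case an integrator has to handle when the external system does not supply them.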

Authenticate

URI

/Authenticate

URL Structure

https://host/api/Order/Authenticate

HTTP Method

GET /Authenticate

Default format

JSON

Description

Signifikant calls the Authenticate function when a user calls Signifikant with a session identity in the URI. A user record like the one above is returned from the back-end system if the session identity is valid.

JSON structure sample

RequestUri

https://host/API/Authentication/Authenticate?SessionId=123ABC

Response

Response when the user is unauthenticated and the session id is not accepted

The status code is then not Ok but Unauthenticated, and RedirectUrl is the address of the external system's login dialog.

The external system is expected to call the Signifikant Account controller to establish the user, and to honor a returnUrl parameter so that the user is positioned correctly in Signifikant after the login has been executed.
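The external system's side of both calls, as an added Python example (not Signifikant's code or any vendor's). It keeps an in-memory session table, answers Signin and Authenticate in the response shape shown on this page, and for a session id that is not accepted returns Unauthenticated with a RedirectUrl to the login dialog. Assumptions: the login dialog URL, session lifetime and user store are constructed; the page shows no failed Signin response, so Unauthenticated is used there as well; and a returnUrl passed with the Authenticate call is assumed so it can be appended to the redirect.

```python
import hashlib
import hmac
import secrets
import time
from typing import Callable, Dict
from urllib.parse import urlencode

# Constructed demo values; a real back end reads these from its user store and settings.
PASSWORD_SALT = b"constructed-demo-salt"
SESSION_TTL_SECONDS = 30 * 60
LOGIN_DIALOG_URL = "https://external.example/login"   # assumed external login dialog


def hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), PASSWORD_SALT, 50_000)


# Constructed user store: only a password hash is kept, plus the record returned to Signifikant.
USERS = {
    "thsa": {
        "password_hash": hash_password("secretword"),
        "record": {"UserName": "thsa", "FirstName": "Thomas", "LastName": "Sandström",
                   "Country": "SE", "CustomerNumber": "12345", "Groups": ["Guest"],
                   "Properties": [{"Key": "Market", "Value": "Europe", "Type": None}]},
    }
}
_DUMMY_HASH = hash_password("")   # compared against when the user name does not exist


def _envelope(status: str, session_id=None, user=None, message=None, redirect_url=None) -> dict:
    """The response shape shown on this page; RedirectUrl is only present when set."""
    body = {"SessionId": session_id, "User": user, "StatusCode": status,
            "Message": message, "HtmlMessage": None, "Properties": []}
    if redirect_url is not None:
        body["RedirectUrl"] = redirect_url
    return body


class ExternalBackend:
    """Handlers for GET /Signin and GET /Authenticate; `params` is the parsed query string."""

    def __init__(self, clock: Callable[[], float] = time.time):
        self.clock = clock
        self.sessions: Dict[str, tuple] = {}   # SessionId -> (user_name, expires_at)

    def signin(self, params: Dict[str, str]) -> dict:
        user_name = params.get("UserName", "")
        entry = USERS.get(user_name)
        # Hash and compare even for unknown users so timing does not reveal which names exist.
        candidate = hash_password(params.get("Password", ""))
        expected = entry["password_hash"] if entry else _DUMMY_HASH
        if not (hmac.compare_digest(candidate, expected) and entry):
            # Assumed: a failed Signin answers Unauthenticated, as Authenticate does on this page.
            return _envelope("Unauthenticated", message="Invalid user name or password")
        session_id = secrets.token_hex(16)    # 128 random bits, not derivable from the user
        self.sessions[session_id] = (user_name, self.clock() + SESSION_TTL_SECONDS)
        return _envelope("Ok", session_id=session_id, user=entry["record"])

    def authenticate(self, params: Dict[str, str]) -> dict:
        session_id = params.get("SessionId", "")
        entry = self.sessions.get(session_id)
        if entry is None or entry[1] < self.clock():
            self.sessions.pop(session_id, None)          # expired sessions are dropped
            redirect = LOGIN_DIALOG_URL
            return_url = params.get("returnUrl")         # assumed to be forwarded by the caller
            if return_url:
                redirect += "?" + urlencode({"returnUrl": return_url})
            return _envelope("Unauthenticated", message="Session not accepted", redirect_url=redirect)
        user_name, _ = entry
        return _envelope("Ok", session_id=session_id, user=USERS[user_name]["record"])
```

The clock is injectable so session expiry can be exercised without waiting; the same hook lets a deployment pin the clock for replaying a captured exchange.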

Configuration

Configuration is done in profile.config.

REST parameter

Description

url

Base path to external server

authenticate

End point name, appended to the base path, for the authenticate call, which verifies and returns the logged-in user when an external system session id is known

login

End point name, appended to the base path, for the sign in call, which verifies and returns the logged-in user when no session id has been introduced to Signifikant

authorization-scheme

OAuth or Basic authentication strategy. The corresponding OAuth or Basic parameters are mandatory to specify the details of the authentication algorithm.

oath-consumerkey

OAuth parameter: consumer key

oath-consumersecret

OAuth parameter: consumer secret

oath-tokenvalue

OAuth parameter: token value

oath-tokensecret

OAuth parameter: token secret

external-login-dialog

False: display internal login dialogue, true: follow redirect url in “authenticate” response from external system

server-database-synchronize

Add and maintain the user record in the server database: create the user when information is first received from the external system; read the user (especially with added groups/permissions) from the database in subsequent calls; update the database when a new user name, email, telephone etc. is read from the external system in subsequent calls.

authentication-credentials

Basic parameter: credentials in the complete form username:password; used in the first place for basic authentication

authentication-name

Basic parameter: alternative way to define the credentials' username

authentication-password

Basic parameter: alternative way to define the credentials' password

price-group

Name of the returned property whose value identifies the user's price list

warehouse

Name of the returned property whose value identifies the user's warehouse

market

Name of the returned property whose value identifies the user's market
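How the profile.config settings above could drive the outgoing request, as an added Python example that is not Signifikant's code. It resolves url plus the login/authenticate end point name, builds a Basic header in which authentication-credentials takes precedence over authentication-name/authentication-password, and signs an OAuth request with the four oath-* values. Assumptions: the settings are modelled as a dict (the page does not show the file syntax), all values are constructed, and OAuth is taken to mean OAuth 1.0a with HMAC-SHA1, since the page names only consumer key/secret and token value/secret.

```python
import base64
import hashlib
import hmac
import secrets
import time
from typing import Dict, Tuple
from urllib.parse import quote, urlencode

# Constructed profile.config values, keyed by the REST parameter names above.
PROFILE_CONFIG_BASIC = {
    "url": "https://erp.example/api/Order/",
    "authenticate": "Authenticate",
    "login": "Signin",
    "authorization-scheme": "Basic",
    "authentication-credentials": "svc:hunter2",   # takes precedence over name/password
    "authentication-name": "svc",
    "authentication-password": "not-used-when-credentials-set",
}
PROFILE_CONFIG_OAUTH = {
    "url": "https://erp.example/api/Order",
    "authenticate": "Authenticate",
    "login": "Signin",
    "authorization-scheme": "OAuth",
    "oath-consumerkey": "demo-consumer-key",
    "oath-consumersecret": "demo-consumer-secret",
    "oath-tokenvalue": "demo-token",
    "oath-tokensecret": "demo-token-secret",
}


def _pct(value) -> str:
    """RFC 3986 percent-encoding as OAuth 1.0a requires: only A-Z a-z 0-9 - . _ ~ stay unencoded."""
    return quote(str(value), safe="")


def basic_header(cfg: Dict[str, str]) -> str:
    creds = cfg.get("authentication-credentials")
    if not creds:   # fall back to the separate name/password settings
        name, password = cfg.get("authentication-name"), cfg.get("authentication-password")
        if name is None or password is None:
            raise ValueError("Basic scheme needs authentication-credentials or name and password")
        creds = f"{name}:{password}"
    return "Basic " + base64.b64encode(creds.encode("utf-8")).decode("ascii")


def oauth1_header(cfg: Dict[str, str], method: str, url: str, query: Dict[str, str],
                  nonce: str = None, timestamp: int = None) -> str:
    """OAuth 1.0a HMAC-SHA1 Authorization header (assumed scheme; nonce/timestamp injectable for tests)."""
    oauth = {
        "oauth_consumer_key": cfg["oath-consumerkey"],
        "oauth_nonce": nonce or secrets.token_hex(16),
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp if timestamp is not None else int(time.time())),
        "oauth_token": cfg["oath-tokenvalue"],
        "oauth_version": "1.0",
    }
    # Signature base string: METHOD & base URL & normalised (query + oauth) parameters,
    # with parameters sorted by encoded key, then encoded value.
    pairs = sorted((_pct(k), _pct(v)) for k, v in {**query, **oauth}.items())
    normalised = "&".join(f"{k}={v}" for k, v in pairs)
    base_string = "&".join([method.upper(), _pct(url), _pct(normalised)])
    signing_key = f"{_pct(cfg['oath-consumersecret'])}&{_pct(cfg['oath-tokensecret'])}"
    digest = hmac.new(signing_key.encode("ascii"), base_string.encode("ascii"), hashlib.sha1).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode("ascii")
    return "OAuth " + ", ".join(f'{k}="{_pct(v)}"' for k, v in sorted(oauth.items()))


def build_request(cfg: Dict[str, str], endpoint_key: str, query: Dict[str, str]) -> Tuple[str, Dict[str, str]]:
    """Join `url` with the `login` or `authenticate` end point name and attach the Authorization
    header for the configured authorization-scheme; returns (request URL, headers)."""
    url = cfg["url"].rstrip("/") + "/" + cfg[endpoint_key].lstrip("/")
    scheme = cfg.get("authorization-scheme")
    if scheme == "Basic":
        auth = basic_header(cfg)
    elif scheme == "OAuth":
        auth = oauth1_header(cfg, "GET", url, query)
    else:
        raise ValueError(f"unsupported authorization-scheme: {scheme!r}")
    return url + "?" + urlencode(query), {"Authorization": auth}
```

The query parameters (UserName/Password or SessionId) are part of the signed material under OAuth, so a proxy that rewrites them breaks the signature; under Basic they are protected only by the TLS channel, which is why url should be an https base path.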