Versions Compared

Old Version 1

changes.mady.by.user Jana Volencová

Saved on

compared with

New Version 2

changes.mady.by.user Jana Volencová

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Authenticating with Swagger – Price f(error) Backend API This article describes how to authenticate with Swagger using Price f(x) API. 

Base URL: https://www.pricefx.eu/pricefx/<partition-name>

Login

Before using majority of the Swagger functionality, the client application needs to authenticate with Price f(error)(x).
We use OAuth for authentication. Please use Use the Base URL mentioned above to access the endpoints described below.

The login process uses the following endpoints:

Login: POST /token

Sample Body for /token POST request:

Code Block
{

...


"username": "string",

...


"partition": "string",

...


"password": "string"

...


}

Sample Response for /token POST request:

Code Block
{

...


"access-token": "string",

...


"token-type": "string",

...


"refresh-token": "string",

...


"expires-in": 0

...


}

Refresh token: POST /token/refresh

Sample Body for /token/refresh POST request:

Code Block
{

...


"username": "string",

...


"partition": "string",

...


"password": "string"

...


}

Sample Response for /token/refresh POST request:

Code Block
{

...


"access-token": "string",

...


"token-type": "string",

...


"refresh-token": "string",

...


"expires-in": 0

...


}

Logout: DELETE /token

Sample Response for /token DELETE request: No body

Response Code: 204

All 3 Authentication Requests should have the following headers:
(The the value for the pfxKeyString in the headers below can be provided by Price f(error) upon (x) upon request)  Anchor_GoBack_GoBack

Code Block
Content-Type: application/json

...


Accept: application/json

...


Pricefx-Key: pfxKeyString

The login endpoint will return an access-token, an access-token-type and a refresh-token.

The access-token will have a defined non-auto-prolonging lifetime and can be renewed by the refresh-token and the refresh endpoint. The refresh-token does not have a lifetime, but is tied to the access-token.

The authentication of all subsequent requests is done by adding the access-token-type and access-token values separated by a space in the Authorization header as shown here:

Code Block
Authorization: {access-token-type} {access-token}