Authenticating with Swagger – Price f Backend API This article describes how to authenticate with Swagger using Price f(x) API.
Base URL: https://www.pricefx.eu/pricefx/<partition-name>
Login
Before using majority of the Swagger functionality, the client application needs to authenticate with Price f(x).
We use OAuth for authentication. Please use Use the Base URL mentioned above to access the endpoints described below.
The login process uses the following endpoints:
Login: POST /token
Sample Body for /token POST request:
Code Block |
---|
{ |
...
"username": "string", |
...
"partition": "string", |
...
"password": "string" |
...
} |
Sample Response for /token POST request:
Code Block |
---|
{ |
...
"access-token": "string", |
...
"token-type": "string", |
...
"refresh-token": "string", |
...
"expires-in": 0 |
...
} |
Refresh token: POST /token/refresh
Sample Body for /token/refresh POST request:
Code Block |
---|
{ |
...
"username": "string", |
...
"partition": "string", |
...
"password": "string" |
...
} |
Sample Response for /token/refresh POST request:
Code Block |
---|
{ |
...
"access-token": "string", |
...
"token-type": "string", |
...
"refresh-token": "string", |
...
"expires-in": 0 |
...
} |
Logout: DELETE /token
Sample Response for /token DELETE request: No body
Response Code: 204
All 3 Authentication Requests should have the following headers:
(The the value for the pfxKeyString in the headers below can be provided by Price f upon (x) upon request) Anchor
Code Block |
---|
Content-Type: application/json |
...
Accept: application/json |
...
Pricefx-Key: pfxKeyString |
The login endpoint will return an access-token, an access-token-type and a refresh-token.
The access-token will have a defined non-auto-prolonging lifetime and can be renewed by the refresh-token and the refresh endpoint. The refresh-token does not have a lifetime, but is tied to the access-token.
The authentication of all subsequent requests is done by adding the access-token-type and access-token values separated by a space in the Authorization header as shown here:
Code Block |
---|
Authorization: {access-token-type} {access-token} |