API DOCUMENT
Verification
This API Document provides details about the endpoints, methods, parameters, and responses of the API, allows users to perform various operations related to Verification epic.
By providing a detailed breakdown of endpoints, methods, parameters, and responses, developers can efficiently leverage the API to perform a myriad of operations related to Verification epic. With clear documentation, developers can swiftly grasp the nuances of the API, enabling them to implement secure and robust authentication mechanisms, manage user lifecycles effectively, and harness chip-based authentication for enhanced security measures. Thus, API documentation serves as a cornerstone for developers, offering valuable insights and guidelines to leverage the API’s functionalities to their fullest potential.
IoT User Login
This endpoint is responsible for managing authentication for the Tenant User Interface System (IoT). Upon successful authentication, the endpoint provides a JWT (JSON Web Token) which serves as an access token. This token is necessary for conducting subsequent interactions with the system.
In the authentication process, the user’s credentials are verified. If the provided credentials are valid, a JWT token is generated and returned in the response. This token contains claims about the authenticated user, which can be used to maintain user sessions and manage permissions.
The JWT token returned from this endpoint should be included as a ‘Bearer’ token in the Authorization header of subsequent API requests. This enables the system to authenticate further requests, whether they’re for initiating a chip authentication procedure, beginning a claiming procedure, or other operations requiring authenticated access.
Please note, it is essential to store and transmit this JWT token securely to ensure the integrity and confidentiality of the authenticated session.
- Method: POST
- Endpoint: /api/auth/iotLogin
- Site: IOT
Parameters: No additional parameters required.
Request Body: application/json
{
“username”: “hsrc-demo”,
“password”: “abcs”
}
Responses
- 200 OK: Success response
{
“iotId”: “4464b592da61f3fd5506fcb1f37f4bef”,
“username”: “hsrc-demo”,
“accessToken”: “eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c”
}
- 404 Not Found: ID does not exist.
{
“statusCode”: 404,
“message”: “Incorrect login credentials”,
“error”: “Not found”
}
- 500 Internal server error: An unexpected error occurred on the server.
{
“stack”: “string”,
“message”: “Timeout has occured”,
“name”: “TimeoutError”,
“info”: {
“meta”: null,
“lastValue”: null,
“seen”: 0
}
}
- 520 Web Server Returned an Unknown Error The origin server returned an empty, unknown, or unexpected response to Cloudflare.
Verification
This endpoint is used for immediate IOT authentication which returns the authentication result as a response.
- Method: GET
- Endpoint: /api/iot/immediateAuth
Parameters: Input CF-Acess-Client-ID and CF-Acess-Client-Secret.
Request Body: application/json
{
“PCCID”: “800000001000000010000000000000014464b592da61f3fd5506fcb1f37f4bef”,
}
Responses
- 201 OK: Success response.
{
“publicKey”: “string”
}
- 401 Unauthorized: Request lacks proper authentication.
{
“statusCode”: 401,
“message”: “Unauthorized”
}
- 403 Forbidden: Server understands the request but refuses to authorize it.
{
“statusCode”: 403,
“message”: “Invalid request – please supply combined PCCID or seperate PCC and ID”,
“error”: “Forbidden”
}
- 404 Not Found: ID does not exist.
{
“statusCode”: 404,
“message”: “PCC not found”,
“error”: “Not found”
}
- 520 Web Server Returned an Unknown Error The origin server returned an empty, unknown, or unexpected response to Cloudflare.
Quick navigation
Still stuck in the code maze? No worries, our team is just an email away at support@sandgrain.eu. We speak fluent bug-fix!