For trusted clients, authentication can be done using the OAuth password flow, which entails trading a username/password combination for an access token.

Logging In

HTTP Request

POST /api/customer/auth

Request Body

{
  "username": "test@delivery.com",
  "password": "secretstring",
  "grant_type": "password",
  "client_id": "NzRhMTRjNzhkOWVhODRkOWZiMjJjNzdkZWFkYmZkMDE2",
  "client_secret": "q15LWIGguIkIizNSSUeFBax7u6uJMz6oEt8pZGBa",
  "scope": "global,payment"
}
Property Name Type Notes
Required Properties
username String The email for the account
password String
grant_type String If you’re using a refresh_token, use refresh_token. Otherwise use password.
client_id String OAuth client ID
client_secret String OAuth client secret.
scope String Comma-delimited list of requested OAuth access scopes

Success Response

HTTP 200 OK

{
  "access_token": "hPvBJ3DlXUd4EaGC6DWaeW7JJhXhxViKJQmnOC31",
  "token_type": "bearer",
  "expires": 1393356779,
  "expires_in": 604800,
  "refresh_token": "ZvC2J38egmVSBfdmFk6RjduiFdfNurkbhHBZNkpq",
  "message": [
    
  ],
  "user": {
    "email": "mkaminski@delivery.com",
    "first_name": "Michael",
    "last_name": "Kaminski",
    "delivery_points": "3017",
    "customer_id": "521656"
  }
}

OAuth Scopes

Scope Name Description
global All endpoints except POST /customer/cc
payment Access to POST /customer/cc
merchant Access to /merchant/admin endpoints

View Authenticated User Info

HTTP Request

GET /api/customer/auth

Request Body

{
}

Success Response

HTTP 200 OK

{
  "user": {
    "email": "mkaminski@delivery.com",
    "first_name": "Michael",
    "last_name": "Kaminski",
    "delivery_points": "3017",
    "customer_id": "521656"
  },
  "message": [
    
  ]
}

Logging Out

This endpoint terminates a user’s access token.

HTTP Request

DELETE /api/customer/auth

Request Body

{
}

Success Response

HTTP 200 OK

{
  "message": [
    {
      "code": "acct_logged_out",
      "user_msg": "You were successfully logged out.",
      "dev_msg": "Access token successfully deleted."
    }
  ]
}