Make your first API Calls
In order to issue your first successful API call you need to perform two steps
Obtain a valid JWT Token from our IdentityProvider.
Make the actual API call.
Authorization
fulfillmenttools platform is secured using an external Identity-Provider (Google Identity Platform) which issues JWT tokens in exchange for a valid username and password. This JWT token encodes (among other things) your username, your role and which facility you are assigned to in a secure way.
Authorization against our API works by using such an issued JWT Token in every request as a HTTP-Header as follows.
For the sake of simplicity we are using curl calls throughout the documentation as a "common understanding" on how a REST call should look like. Please feel free to adapt this call to your used http client technology.
Request towards Authentication Provider
<AUTHKEY>
, <USERNAME>
and <PASSWORD>
have to be valid to your fulfillmenttools instance and are being given to you when the instance was created. The user must be an email address, which is usually in the format <USER>@<YOUR_INSTANCE_NAME>.com
Response from Authentication Provider
As a result, an answer looking similar to this is responded:
Two attributes in the above response are of special importance:
idToken
is the actual JWT Token you need to send along every REST Call you issue against the fulfillmenttools API. It has an expiration period to it depicted by the attribute expiresIn. In this case it is valid for 3600 seconds which equals to 1 hour. After that you need to get a fresh token.refreshToken
should be used to get a fresh token without providing the credentials again.
Refreshing an authorization token
In order to get a valid JWT Token after the expiration ran out you can either re-issue the call above (not recommended) or use the refreshToken given to you by the Authentication Provider (suggested):
Your first call against fulfillmenttools API
As an example please see the following request which reads the list of facilities from fulfillmenttools:
Please take note of the HTTP Header Authorization
followed by the value Bearer <AUTH_TOKEN>
.
A 200 OK
response would look similar to this:
Congratulations!
You just made your first successful API request - nicely done! Wasn't that hard, right?
However, this is just the beginning. We suggest to proceed along our tutorials to get a better understanding about the capabilities of fulfillmenttools.
Next Steps
Now you can go ahead and rule the world with the powerful fulfillmenttools API.
Last updated