BackEnd

Introduction

There are two sections in this collection:

  • Front-end endpoints (if you want to reproduce the mobile/web SDK's behaviour without going through it)

  • Back-end endpoints (server to server)

Front-end endpoints workflow

Only two endpoints work without a userToken: partner/getprog and user/clientcheckcredentials. In order to call any of the other front-end endpoints, you will need to retrieve the userToken sent in user/clientcheckcredentials (data.user.userToken) which connects the user. See the JWT token section to understand where to place the userToken in your requests.

Back-end endpoints workflow

You must first get a token via auth/token before calling the other endpoints. See the JWT token section to understand where to place the token in your requests.

Creating a JWT token

https://www.iana.org/assignments/jwt/jwt.xhtml

$timestamp = time();
$partnerID = {{to_fill}};
$partnerSecret = {{to_fill}};
$token = {{to_fill}}; // userToken (frontend) or token (backend), empty for auth/token
$requestHeaders = {{to_fill}};
$requestBody = {{to_fill}};

$header = [
    “alg” => “HS256”,
    “typ” => “JWT”
];

$payload = [
    “iss” => $partnerID,    // The "iss" (issuer) claim identifies the principal that issued the JWT.
    “sub” => $token,   // The "sub" (subject) claim identifies the principal that is the subject of the JWT
    “iat” => $timestamp,    // The "iat" (issued at) claim identifies the time at which the JWT was issued. UTC.
    “data_header” => json_encode($requestHeaders),
    “data_body” => json_encode($requestBody)
];

$signature = HMACSHA256(
    base64UrlEncode($header) . "." .
    base64UrlEncode($payload),
    $partnerSecret
);

$jwtToken = base64UrlEncode($header) . "." . base64UrlEncode($payload) . "." . $signature;

PreviousRelease notesNextDeeplinks

Last updated