Authentication

Summary

After reading this document you should be able to query FSCO’s underlying services you have access to.

You will have completed the following:

• Creating an api key to use in your services
• Requesting a bearer token using the api key
• Using the bearer token to query FSCO services

Auth Flow

title: FSCO API Key Auth _: Creating an API Key for your service User -> FSCO Portal: Create Api Key FSCO Portal -> User: Api Keys group: Repeat every 1 hour _: Getting a temporary token for requests User -> FSCO CA: API Keys FSCO CA -> User: JWT Token _: Using token to perform actions User -> FSCO Service 1: JWT Token FSCO Service 1 -> User: Response end

Creating an API Key

To create an api key you can head to our API Portal For Prod For Staging you will want to save your key and secret in a safe place as you will not be able to access the secret again.

If you ever lose your secret or key we recomend creating a new api key then update your services to use the new key before deleting your old key.

Requesting a bearer token

Now that you have your api key and secret you can use them to request a bearer token from our Central Authentication service. You will need to make a POST request to the following endpoint:

Headers

• fsco-api-key: string: Formatted as uuid, obtained via the FSCO Dev Portal.
• fsco-api-secret: string: The api secret string can be obtained via the FSCO Dev Portal.
• fsco-organisation-id: string: Formatted as uuid, the organisationId is supplied by FSCO.
• fsco-app-id?: string: Formatted as uuid, the appId is supplied by FSCO.

Base URL

• staging: https://staging-api.authentication.staging.fsco.io
• production: https://prod-api.authentication.fsco.io

Request

GET {{CENTRAL_AUTH_URL}}/api/authentication/keys HTTP/1.1
content-type: application/json
fsco-api-key: {key}
fsco-api-secret: {secret}
fsco-organisation-id: {your-org-id}

Response

{
    "token": "bearer ..."
}

You have now requested your first jwt bearer token from FSCO, you can now use this token in the Authorization header to query FSCO services you have access to.

Note

This token will expire in 1 hour from the time it was issued. Another token can be requested at any time.

Using the bearer token

Now that you have a the jwt token you can use this token for the next hour to query FSCO services you have access to. You will need to add the token to the Authorization header of your request.

Note

If there are any issue with your token permissions you will recieve a 401 response.

Note

If you are having issues with your token please reach out to your FSCO rep for assistance.

Example usage in API

GET {{CENTRAL_AUTH_URL}}/api/authentication/keys/me
Content-Type: application/json
Authorization: bearer ...

Response

{
  "id": "0000000-0000-0000-0000-000000000000",
  "label": "Fresh Supply",
  "isActive": true,
  "isSuperKey": true,
  "key":  "0000000-0000-0000-0000-000000000000",
  "allowedOrgs": [
    {
      "name": "Fresh Supply",
      "id":  "0000000-0000-0000-0000-000000000000"
    }
  ],
  "connectedApps": [],
  "currentOrgId":  "0000000-0000-0000-0000-000000000000"
}