Authentication
This document covers information about authentication within the wunderbon network
Configurable Options
TL;DR
Authorization VS. Authentication
While Authentication is the process of ascertaining that a user really is who they claim to be, Authorization refers to rules that determine who is allowed to do what (e.g., Jane may be authorized to create and delete databases, while John is only authorized to read).
wunderbon uses state-of-the-art authentication provided by Auth0, one of the largest specialists in the field. In line with our paradigm, "wunderbon completely stands on the shoulders of giants!", we rely on specialists to secure everything with strong security measures. This applies to all authentication parts of the wunderbon network. Do not reinvent the wheel: make it better, make it smart.
How to Authenticate
Most endpoints require you to be authenticated and authorized. Requests that require authentication will sometimes return 404 Not Found instead of 403 Forbidden. This is to prevent the accidental leakage of private data to unauthorized users: a 404 does not reveal whether the resource exists. If you receive a 404 for a resource you expect to exist, check that your token is present, unexpired and sent in the Authorization header before concluding that the resource is missing.
Authenticate as POS
You can authenticate against the wunderbon REST API by using one of the following Authentication-Types:
Supported Authentication-Types
HTTP
This Authentication-Type MUST be used by external clients like a Mobile-App or a Web-App (user login is token based: a Bearer token is issued in exchange for credentials) and within the backend infrastructure (e.g., Machine to Machine). wunderbon currently issues only one kind of token, so no matter whether you are a Merchant, a POS-Provider, or a Consumer (web, app), you will most likely make use of a Bearer Token (JWT).
Supported Authentication-Schemes
Bearer
This Authentication-Scheme MUST be used by external clients like a Mobile-App, a Web-App, or within the backend infrastructure (e.g., Machine to Machine).
Supported Transportation-Methods
Header
This Transportation-Method MUST be used by external clients like a Mobile-App, a Web-App, or within the backend infrastructure (e.g., Machine to Machine).
Bearer Scheme
The Authentication-Scheme Bearer is the HTTP authentication scheme that carries the token (RFC 6750); the token it carries is, in the wunderbon network, a JSON Web Token (JWT). It can be transmitted by the Transportation-Methods from the following examples:
This shows an example of a Bearer Authorization with Transportation-Method Header. The backslashes only wrap the value for display; the header is sent as a single line with one space between Bearer and the token:
Authorization: Bearer \
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzY290Y2guaW8iLCJleHAiO \
jEzMDA4MTkzODAsIm5hbWUiOiJDaHJpcyBTZXZpbGxlamEiLCJhZG1pbiI6dHJ1ZX0.03f \
329983b86f7d9a9f5fef85305880101d5e302afafa20154d094b229f75773
Token Lifetime
All tokens issued by the wunderbon network are valid for 24 hours. After that you need to renew your token by simply requesting a fresh one using your credentials. The lifetime is returned as the attribute expiresIn for every issued token. Renew shortly before expiresIn elapses rather than waiting for a rejected request, and keep the token out of URLs and logs: anyone holding a bearer token can use it for its remaining lifetime.
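The Header transportation of the Bearer scheme above and the expiresIn-driven renewal described in this section, as an added example in Python (not wunderbon's or Auth0's own code). It reuses the sample JWT from the Bearer Scheme section, decodes its claims without verifying the signature (only the server, holding the issuer's key, can do that) and caches a token so that it is renewed shortly before expiresIn elapses. The fetch callable, the accessToken field name and the 300 second renewal margin are assumptions; expiresIn is the attribute this page documents.

```python
"""Client-side handling of a wunderbon Bearer token (added example, not wunderbon's
or Auth0's own code). The JWT below is the one shown on this page; the token
response shape used by TokenHolder is an assumption except for `expiresIn`."""
import base64
import json
import time
from typing import Callable, Optional

# The example JWT from the "Bearer Scheme" section, joined back into the single
# line it is actually sent as (the backslashes on the page only wrap it for display).
EXAMPLE_JWT = (
    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
    "eyJpc3MiOiJzY290Y2guaW8iLCJleHAiOjEzMDA4MTkzODAsIm5hbWUiOiJDaHJpcyBTZXZpbGxlamEiLCJhZG1pbiI6dHJ1ZX0."
    "03f329983b86f7d9a9f5fef85305880101d5e302afafa20154d094b229f75773"
)


def authorization_header(token: str) -> dict:
    """Build the Authorization header for the Header transportation method."""
    if not token or any(c.isspace() for c in token):
        raise ValueError("a bearer token is a single opaque line without whitespace")
    return {"Authorization": "Bearer " + token}


def _b64url_decode(segment: str) -> bytes:
    """JWT segments are base64url without padding; restore it before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def peek_jwt(token: str) -> dict:
    """Decode the JWT header and payload WITHOUT checking the signature.

    Use this only for client-side diagnostics (e.g. logging when a token will
    expire). The server verifies the signature against the issuer's key and
    makes the authorization decision; a client must never trust these claims
    for anything security relevant.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three dot-separated segments")
    header, payload, _signature = parts
    return {
        "header": json.loads(_b64url_decode(header)),
        "payload": json.loads(_b64url_decode(payload)),
    }


def is_expired(token: str, now: Optional[float] = None) -> bool:
    """True once the `exp` claim (seconds since the epoch) has passed.

    A token without `exp` is treated as unusable here; that is this example's
    choice, not a documented wunderbon rule."""
    exp = peek_jwt(token)["payload"].get("exp")
    if exp is None:
        return True
    return (time.time() if now is None else now) >= exp


class TokenHolder:
    """Caches one issued token and renews it before its lifetime runs out.

    `fetch` is a hypothetical callable supplied by the caller that performs the
    credential exchange against the issuer and returns the token response. The
    response is assumed to look like {"accessToken": "...", "expiresIn": 86400}:
    `expiresIn` (seconds) is the attribute this page documents, the name
    `accessToken` is an assumption. Renewal happens `margin_seconds` early so an
    in-flight request is not rejected at the very end of the 24 hour window.
    """

    def __init__(self, fetch: Callable[[], dict],
                 clock: Callable[[], float] = time.time,
                 margin_seconds: int = 300):
        self._fetch = fetch
        self._clock = clock
        self._margin = margin_seconds
        self._token: Optional[str] = None
        self._renew_at = 0.0
        self.fetch_count = 0  # number of credential exchanges performed (for tests/metrics)

    def token(self) -> str:
        """Return a cached token, exchanging credentials again when it is about to expire."""
        if self._token is None or self._clock() >= self._renew_at:
            response = self._fetch()
            self._token = response["accessToken"]
            self._renew_at = self._clock() + float(response["expiresIn"]) - self._margin
            self.fetch_count += 1
        return self._token

    def header(self) -> dict:
        """The exact Authorization header to attach to each API request."""
        return authorization_header(self.token())


if __name__ == "__main__":
    claims = peek_jwt(EXAMPLE_JWT)
    print(claims["header"], claims["payload"])
    print("expired:", is_expired(EXAMPLE_JWT))  # the page's sample token expired in 2011
```

Against the real API, fetch would perform the credential exchange and return the token response; TokenHolder.header() then yields the Authorization header to attach to every request. The peek_jwt output is for diagnostics only: the sample token's header says HS256, i.e. an HMAC over a key the client does not hold, so the client cannot and should not validate it locally.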