Skip to content

Authorization

Jump to bottom
Slava Ruckis edited this page Sep 10, 2019 · 2 revisions

Getting JWT auth token to call REST API methods

In order to get JWT auth token, you must authenticate using mobile phone through SMS, where phone country code + phone number is used as user identifier. Authentication procedure must be initiated by calling POST /users/verify method as in this example:

curl -X POST \
  https://api.monetha.io/mth/v1/users/verify \
  -H 'Accept-Encoding: gzip, deflate' \
  -H 'Content-Type: application/json' \
  -d '{
	"country_code_iso": "LT", 
	"country_code": "370",  
	"phone_number": "68086090",  
	"device_id": "a67c5d31-6f3d-4403-b8fa-c8f8a5a543d7",
}'

where:

  • country_code_iso is your language ISO code
  • country_code - phone code for your country
  • phone_number - phone number without country code
  • device_id - a unique ID of the device the request is being made from (can be any generated GUID)

After calling this method you will receive an SMS to your phone number (in example it's +37068086090) with a 6 digit verification code. Also, this call will produce such a response:

{
    "is_registered": false,
    "verification_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjUzMjkwMTgsImlhdCI6MTU2NTMyODQxOCwiaWQiOjE4NjM2NTUsImNvdW50cnlfY29kZSI6IjAwMDEiLCJjb3VudHJ5X2NvZGVfaXNvIjoiTFQiLCJkZXZpY2VfaWQiOiJhIiwiZGV2aWNlX29zIjoiYW5kcm9pZCIsInBob25lX251bWJlciI6IjYzNDQ1NDczNjI4MDk1In0.Xf9DonU7vKqXiz7W08wfU7wBxnCVC7tHWoYlZLgWSts"
}

where property is_registered indicates, whether you have to register (sign up) or just sign in in order to get auth token.

Sign up and sign in methods have exactly the same payload, only the url differs:

  • When is_registered is false - call POST /users/signup
  • When is_registered is true - call POST /users/signin

Here is an example request:

curl -X POST \
  https://api.monetha.io/mth/v1/users/signup \
  -H 'Accept-Encoding: gzip, deflate' \
  -H 'Content-Type: application/json' \
  -d '{
  "verification_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjUzMjkwMTgsImlhdCI6MTU2NTMyODQxOCwiaWQiOjE4NjM2NTUsImNvdW50cnlfY29kZSI6IjAwMDEiLCJjb3VudHJ5X2NvZGVfaXNvIjoiTFQiLCJkZXZpY2VfaWQiOiJhIiwiZGV2aWNlX29zIjoiYW5kcm9pZCIsInBob25lX251bWJlciI6IjYzNDQ1NDczNjI4MDk1In0.Xf9DonU7vKqXiz7W08wfU7wBxnCVC7tHWoYlZLgWSts",
  "verification_code": "123456"
}'

where:

  • verification_token is the token you received from POST /users/verify call
  • verification_code is the 6 digit code you have received in SMS

The call will produce a response:

{
    "auth_token": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NjgwMDcwNTgsImlhdCI6MTU2NTMyODY1OCwibmJmIjoxNTY1MzI4NjU4LCJpZCI6MTExNzQ1NSwiZGV2X2lkIjoiYSJ9.v_OYeH4Uh6cGOAJFsk2w1BMi7PtMChVu15AtCk58SQA",
    "user": {
        // ... fields omitted for brevity
    }
}

where auth_token is your JWT auth token.

Now this auth token can be used in Monetha Rest APIs.

Clone this wiki locally