Auth
The Authentication APIs are used for accessing the Shopmonkey API.
GET/v3/auth/apikey/:expires?
New API Key
Generate a new API Key with an optional expiration based on the current session user and location. If an expiration is 0 or not provided, will create a non-expiring API Key.
URL parameters
- Name
expires
- Type
- integer
- Description
- a time in the future to expire the key. if not provided or 0, will not expire the key
200
Response
- Name
success
- Type
- boolean Required
- Description
- Returns true if successful
- Name
token
- Type
- string Required
- Description
- the API key
4xx
Response
- Name
code
- Type
- string
- Description
- The error code
- Name
documentation_url
- Type
- string
- Description
- An optional link to the documentation for the error
- Name
message
- Type
- string
- Description
- the error message if not successful
- Name
success
- Type
- boolean Required
- Description
- if successful, will be true. if not successful, will be false and message will contain a human readable error message
5xx
Response
- Name
code
- Type
- string
- Description
- The error code
- Name
documentation_url
- Type
- string
- Description
- An optional link to the documentation for the error
- Name
message
- Type
- string
- Description
- the error message if not successful
- Name
success
- Type
- boolean Required
- Description
- if successful, will be true. if not successful, will be false and message will contain a human readable error message
Example Request
GET
/v3/auth/apikey/:expires?curl https://api.shopmonkey.cloud/v3/auth/apikey/EXPIRES? \
-H "Authorization: Bearer ${SM_TOKEN}"
Example Responseapplication/json
{
"success": true,
"token": "token"
}
POST/v3/auth/login
Login
The endpoint for logging in and receiving a login session
Body parameters
- Name
audience
- Type
- one of: 'admin', 'api', 'app', 'hq', 'ops', 'shop'
- Description
- The app the user is logging into
- Name
email
- Type
- string Required
- Description
- The user's email address
- Name
password
- Type
- string Required
- Description
- The user's password
200
Response
- Name
data
- Type
- object Required
- Description
- Name
success
- Type
- boolean Required
- Description
- Returns true if the login attempt was successful
Properties for data
object
- Name
algoliaAuthToken
- Type
- string Required
- Description
- Algolia Authorization Token
- Name
branch
- Type
- string Required
- Description
- SM_BRANCH value
- Name
entitlements
- Type
- array Required
- Description
- Name
natsUserCredentials
- Type
- string Required
- Description
- Nats User Credentials
- Name
sessionId
- Type
- string Required
- Description
- The unique session identifier
- Name
token
- Type
- string Required
- Description
- JWT Authorization Token
- Name
user
- Type
- object Required
- Description
Properties for user
object
- Name
color
- Type
- string
- Description
- The user's color
- Name
companyId
- Type
- string Required
- Description
- The unique company identifier
- Name
companyLocations
- Type
- array
- Description
- A list of all company locations (even ones the user does not have access to) — only returned on HQ login/session requests
- Name
companyWideAccess
- Type
- boolean Required
- Description
- Whether the user has company wide access or location specific access
- Name
createdDate
- Type
- string Required
- Description
- The user's creation date
- Name
currentLocationId
- Type
- string
- Description
- The unique location identifier
- Name
firstName
- Type
- string
- Description
- The user's given name
- Name
id
- Type
- string Required
- Description
- The unique identifier for the user
- Name
lastName
- Type
- string
- Description
- The user's family name
- Name
locations
- Type
- array
- Description
- Name
permissions
- Type
- array Required
- Description
- Name
userRoleNames
- Type
- array
- Description
- Name
company
- Type
- object
- Description
- Name
location
- Type
- object
- Description
Properties for company
object
- Name
createdDate
- Type
- string Required
- Description
- The company's creation date
- Name
name
- Type
- string
- Description
- The company name
- Name
whiteLabelBlobId
- Type
- string
- Description
- The white label blob id
Properties for location
object
- Name
country
- Type
- string
- Description
- The location country
- Name
createdDate
- Type
- string Required
- Description
- The location's creation date
- Name
locationConfig
- Type
- object
- Description
- Name
name
- Type
- string
- Description
- The location name
- Name
postalCode
- Type
- string
- Description
- The location postal code
- Name
state
- Type
- string
- Description
- The location state
- Name
timezone
- Type
- string
- Description
- The location timezone
Properties for locationConfig
object
- Name
requireMileageRecordBeforeInvoice
- Type
- boolean Required
- Description
- True if the location requires mileage recorded before an order can be invoiced
4xx
Response
- Name
code
- Type
- string
- Description
- The error code
- Name
documentation_url
- Type
- string
- Description
- An optional link to the documentation for the error
- Name
message
- Type
- string
- Description
- the error message if not successful
- Name
success
- Type
- boolean Required
- Description
- if successful, will be true. if not successful, will be false and message will contain a human readable error message
Example Requestapplication/json
POST
/v3/auth/logincurl https://api.shopmonkey.cloud/v3/auth/login \
\
-X POST -H 'Content-Type: application/json' \
--data '{ "email" : "value", "password" : "value" }'
Example Responseapplication/json
{
"success": true,
"data": {
"token": "token",
"algoliaAuthToken": null,
"sessionId": "sessionId",
"user": {
"id": "id",
"locationId": "locationId",
"companyId": "companyId",
"firstName": "firstName",
"lastName": "lastName",
"permissions": [
"permissions"
]
}
}
}
POST/v3/auth/logout
Logout
The endpoint for logging out and invalidating the login session
200
Response
- Name
success
- Type
- boolean Required
- Description
Example Requestapplication/json
POST
/v3/auth/logoutcurl https://api.shopmonkey.cloud/v3/auth/logout \
-H "Authorization: Bearer ${SM_TOKEN}" \
-X POST -H 'Content-Type: application/json' \
--data '{}'
Example Responseapplication/json
{
"success": true
}