Auth

The Authentication APIs are used for accessing the Shopmonkey API.

GET/v3/auth/apikey/:expires?

New API Key

Generate a new API Key with an optional expiration based on the current session user and location. If an expiration is 0 or not provided, will create a non-expiring API Key.

URL parameters

  • Name
    expires
    Type
    integer
    Description
    a time in the future to expire the key. if not provided or 0, will not expire the key

200 Response

  • Name
    success
    Type
    boolean Required
    Description
    Returns true if successful
  • Name
    token
    Type
    string Required
    Description
    the API key

4xx Response

  • Name
    code
    Type
    string
    Description
    The error code
  • Name
    documentation_url
    Type
    string
    Description
    An optional link to the documentation for the error
  • Name
    message
    Type
    string
    Description
    the error message if not successful
  • Name
    success
    Type
    boolean Required
    Description
    if successful, will be true. if not successful, will be false and message will contain a human readable error message

5xx Response

  • Name
    code
    Type
    string
    Description
    The error code
  • Name
    documentation_url
    Type
    string
    Description
    An optional link to the documentation for the error
  • Name
    message
    Type
    string
    Description
    the error message if not successful
  • Name
    success
    Type
    boolean Required
    Description
    if successful, will be true. if not successful, will be false and message will contain a human readable error message

Example Request

GET
/v3/auth/apikey/:expires?
curl https://api.shopmonkey.cloud/v3/auth/apikey/EXPIRES? \ 
  -H "Authorization: Bearer ${SM_TOKEN}"

Example Response
application/json

{
  "success": true,
  "token": "token"
}
POST/v3/auth/login

Login

The endpoint for logging in and receiving a login session

Body parameters

  • Name
    audience
    Type
    one of: 'admin', 'api', 'app', 'hq', 'ops', 'shop'
    Description
    The app the user is logging into
  • Name
    email
    Type
    string Required
    Description
    The user's email address
  • Name
    password
    Type
    string Required
    Description
    The user's password

200 Response

  • Name
    data
    Type
    object Required
    Description
  • Name
    success
    Type
    boolean Required
    Description
    Returns true if the login attempt was successful

Properties for data object

  • Name
    algoliaAuthToken
    Type
    string Required
    Description
    Algolia Authorization Token
  • Name
    branch
    Type
    string Required
    Description
    SM_BRANCH value
  • Name
    entitlements
    Type
    array Required
    Description
  • Name
    natsUserCredentials
    Type
    string Required
    Description
    Nats User Credentials
  • Name
    sessionId
    Type
    string Required
    Description
    The unique session identifier
  • Name
    token
    Type
    string Required
    Description
    JWT Authorization Token
  • Name
    user
    Type
    object Required
    Description

Properties for user object

  • Name
    color
    Type
    string
    Description
    The user's color
  • Name
    companyId
    Type
    string Required
    Description
    The unique company identifier
  • Name
    companyLocations
    Type
    array
    Description
    A list of all company locations (even ones the user does not have access to) — only returned on HQ login/session requests
  • Name
    companyWideAccess
    Type
    boolean Required
    Description
    Whether the user has company wide access or location specific access
  • Name
    createdDate
    Type
    string Required
    Description
    The user's creation date
  • Name
    currentLocationId
    Type
    string
    Description
    The unique location identifier
  • Name
    firstName
    Type
    string
    Description
    The user's given name
  • Name
    id
    Type
    string Required
    Description
    The unique identifier for the user
  • Name
    lastName
    Type
    string
    Description
    The user's family name
  • Name
    locations
    Type
    array
    Description
  • Name
    permissions
    Type
    array Required
    Description
  • Name
    userRoleNames
    Type
    array
    Description
  • Name
    company
    Type
    object
    Description
  • Name
    location
    Type
    object
    Description

Properties for company object

  • Name
    createdDate
    Type
    string Required
    Description
    The company's creation date
  • Name
    name
    Type
    string
    Description
    The company name
  • Name
    whiteLabelBlobId
    Type
    string
    Description
    The white label blob id

Properties for location object

  • Name
    country
    Type
    string
    Description
    The location country
  • Name
    createdDate
    Type
    string Required
    Description
    The location's creation date
  • Name
    locationConfig
    Type
    object
    Description
  • Name
    name
    Type
    string
    Description
    The location name
  • Name
    postalCode
    Type
    string
    Description
    The location postal code
  • Name
    state
    Type
    string
    Description
    The location state
  • Name
    timezone
    Type
    string
    Description
    The location timezone

Properties for locationConfig object

  • Name
    requireMileageRecordBeforeInvoice
    Type
    boolean Required
    Description
    True if the location requires mileage recorded before an order can be invoiced

4xx Response

  • Name
    code
    Type
    string
    Description
    The error code
  • Name
    documentation_url
    Type
    string
    Description
    An optional link to the documentation for the error
  • Name
    message
    Type
    string
    Description
    the error message if not successful
  • Name
    success
    Type
    boolean Required
    Description
    if successful, will be true. if not successful, will be false and message will contain a human readable error message

Example Request
application/json

POST
/v3/auth/login
curl https://api.shopmonkey.cloud/v3/auth/login \ 
 \ 
  -X POST -H 'Content-Type: application/json' \ 
  --data '{ "email" : "value", "password" : "value" }'

Example Response
application/json

{
  "success": true,
  "data": {
    "token": "token",
    "algoliaAuthToken": null,
    "sessionId": "sessionId",
    "user": {
      "id": "id",
      "locationId": "locationId",
      "companyId": "companyId",
      "firstName": "firstName",
      "lastName": "lastName",
      "permissions": [
        "permissions"
      ]
    }
  }
}
POST/v3/auth/logout

Logout

The endpoint for logging out and invalidating the login session

200 Response

  • Name
    success
    Type
    boolean Required
    Description

Example Request
application/json

POST
/v3/auth/logout
curl https://api.shopmonkey.cloud/v3/auth/logout \ 
  -H "Authorization: Bearer ${SM_TOKEN}" \ 
  -X POST -H 'Content-Type: application/json' \ 
  --data '{}'

Example Response
application/json

{
  "success": true
}