Authentication - Arltech Finance API

Overview

Every /finance/ endpoint requires a JWT token sent in the x-access-token request header. Tokens are issued by the EasyOwn auth endpoint.

Getting a token

curl -X POST http://134.209.118.139:3002/api/auth/signin \
  -H "Content-Type: application/json" \
  -d '{"username": "your_username", "password": "your_password"}'

Response

{
  "id": 1,
  "username": "your_username",
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Using the token

Pass the accessToken value in the x-access-token header on every subsequent request:

curl http://134.209.118.139:3002/finance/customers \
  -H "x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Token expiry

Tokens are valid for 24 hours. After expiry you will receive:

{ "message": "Unauthorized! Access Token was expired!" }

Re-authenticate to get a fresh token.

Never expose your token in client-side code or commit it to version control.

Introduction Errors

⌘I

​Overview

​Getting a token

​Using the token

​Token expiry

Overview

Getting a token

Using the token

Token expiry