Customer authorization

The customers are the visitors to your website or mobile app users.

Authenticating as a recognized customer

You can use two endpoints to authenticate as a customer:

Both endpoints accept the same payload.

If you use Synerise RaaS authorization, none of the endpoints above can be used to register an account. See Customer registration.

Example: Synerise RaaS authentication

The example includes only the fields that are required.

curl --request POST 
  --url https://api.synerise.com/sauth/v2/auth/login/client 
  --header 'content-type: application/json' 
  --data '{
      "apiKey": "1c586ac4-cb47-4c45-a7cf-e0fb74e8e5f4",
      "identityProvider": "SYNERISE",
      "password": "Pass1!",
      "uuid": "5f89a52f-e526-4c7d-a50c-3f5c744d3162",
  }'

The response is a JSON Web Token (JWT) that must be included in the Authorization header of further requests. By default, the token is valid for 60 minutes.

Example: Facebook authentication, no registration if account does not exist

The example includes only the fields that are required.

curl --request POST 
  --url https://api.synerise.com/sauth/v2/auth/login/client/conditional 
  --header 'content-type: application/json' 
  --data '{
      "apiKey": "1c586ac4-cb47-4c45-a7cf-e0fb74e8e5f4",
      "identityProvider": "FACEBOOK",
      "identityProviderToken": "EAAfsMmaWLW0BAJZC3BWUZBi0izUcN9YntYLOZCtTkoPDrkcugIubbwrcXPPUPGKR6q4rdJdaK1sgNg4ARxVBQfUab8hafhPc2sXafL4wHVpS5mnEqrFTKbSHqj3ZBjX6HzMXXZA6qYnfNlzOQvjCEabjqgUdNQE6SrtPNQ7s7gZAOzFP3Ad1QB5vqxb276JM9yhBjVRp5SCdwZDZD"
  }'

The response is a JSON Web Token (JWT) that must be included in the Authorization header of further requests. By default, the token is valid for 60 minutes.

Authenticating as an anonymous customer

Method reference available here.

You can generate a JWT for a customer who does not have an account.

curl --request POST 
  --url https://api.synerise.com/sauth/v2/auth/login/client/anonymous 
  --header 'content-type: application/json' 
  --data '{
    "apiKey":"1c586ac4-cb47-4c45-a7cf-e0fb74e8e5f4",
    "deviceId":"b8af0626-d5cf-44d6-b12a-ec72f946db6f",
    "uuid":"07243772-008a-42e1-ba37-c3807cebde8f"
  }'

The response is a JSON Web Token (JWT) that must be included in the Authorization header of further requests. By default, the token is valid for 60 minutes.

Refreshing JWT

Method reference available here.

When the token is about to expire, you can obtain a new one without logging in again. This is not possible if the token has already expired.

curl --request POST 
  --url https://api.synerise.com/sauth/v2/auth/refresh/client 
  --header 'Authorization: Bearer _YOUR_JWT_TOKEN_' 
  --header 'content-type: application/json' 
  --data '{
    "apiKey":"1c586ac4-cb47-4c45-a7cf-e0fb74e8e5f4"
    }'

The response is a new token.

😕

We are sorry to hear that

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.

😉

Awesome!

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.

Close modal icon Placeholder alt for modal to satisfy link checker