Synerise user authorization

The user is the person who logs in to the Synerise Application. They can have access to one or more workspaces, with different permissions in each profile. After a user logs in, they must choose a workspace to work with.

Users may be required to log in using multi-factor authentication.

Logging in as a user

API reference available here.

To log in as a user, you need the username and the password.

curl --location --request \
POST 'https://{SYNERISE_API_BASE_PATH}/uauth/auth/login/user' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "user@synerise.com",
    "password": "strongPassword"
}'

The response includes:

  • JSON Web Token (JWT) needed to authorize when selecting a workspace or modifying user data. This token cannot be used to perform operations within a workspace.
  • Information about the multi-factor authentication method
  • Information about the user. Note that no workspace is selected, the user has no permissions (authorities) and no roles.
{
    // JWT
    "token": "eyJhbGciOiJinvalidXyw0TAc",
    // User info
    "consumer": {
        "type": "USER",
        "businessProfileId": null,
        "name": "user@synerise.com",
        "id": 12345,
        "authorities": [],
        "roles": "-2",
        "type": "USER"
    },
    // multi-factor authentication method, if required
    "mfaMethods": [
        "TOTP_AUTHENTICATOR"
    ]
}

Confirming multi-factor authentication

API reference available here.

Important: After a user logs on, they don’t need to enter the authentication code on the same device for 8 hours.

You need the JWT obtained from the login request and a token from your authentication app.

curl --location --request \
POST 'https://{SYNERISE_API_BASE_PATH}/uauth/auth/login/user/mfa/verification?mfaType=TOTP_AUTHENTICATOR' \
--header 'Authorization: Bearer eyJhbG...2KIh6IU' \
--header 'Content-Type: application/json' \
--data-raw '{
    "verificationCode": "938538"
}'

The response is the same as in the login endpoint.

Proceed to workspace selection.

Workspace selection

After authentication, a user must select a workspace to work in.

Checking available workspaces

API reference available here.

You need a JWT obtained from logging in; multi-factor authentication (if enabled); or with a workspace already selected (when switching between profiles).

The following request checks the workspaces available to a user:

curl --location --request \
GET 'https://{SYNERISE_API_BASE_PATH}/uauth/business-profile/' \
--header 'Authorization: Bearer eyJhbGciOiJSUz...qDTl72iqwIji4'

The response is an array of workspaces available to a user. The UUID is stored in the businessProfileGuid field.

[
    {
        "id": 48,
        "name": "Sample Profile",
        "logo": "https://synerise.com/sample.png",
        "businessProfileGuid": "01234abc-1234-5678-9abc-def012345678",
        "created": "2020-07-21T12:41:59Z",
        "subdomain": "sample-profile",
        "ipRestricted": false,
        "mfaRequired": true
    }
]

Selecting a workspace

API reference available here.

You need:

curl --location --request \
POST 'https://{SYNERISE_API_BASE_PATH}/uauth/auth/login/user/profile/01234abc-1234-5678-9abc-def012345678' \
--header 'Authorization: Bearer eyJh...d886bpyWWZKvQESsM8cUYWuVqfSI'

The response includes:

  • JWT needed to perform operations as a user within a workspace (most operations performed as Synerise User require this token)
  • Information about the user and their authorities (permissions) in the workspace. These permissions correspond to the ones listed as required in the API reference.
{
    "token": "eyJhbGciOiJSU...tIarjyXFFCv_Ek6M",
    "consumer": {
        "type": "USER",
        "businessProfileId": 48,
        "name": "user@synerise.com",
        "id": 12345,
        "authorities": [
            "ROLE_ADMIN_EDITUSER",
            "ROLE_ANALYTICS_SHOW",
            "ROLE_API_ADD",
            "ROLE_API_CREATE",
            "ROLE_API_DELETE",
            ...
        ],
        "roles": "16",
        "type": "USER"
    }
}
😕

We are sorry to hear that

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.

😉

Awesome!

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.

Close modal icon Placeholder alt for modal to satisfy link checker