Rebilly API Docs

Exchange an authentication token

Exchanges an authentication token for a JWT.

By default, this operation invalidates the exchanged authentication token.

SecuritySecretApiKey or JWT or PublishableApiKey

Request

path Parameters

token

required

string

ID of the authentication token.

Request Body schema: application/json

invalidate

boolean

Default: true

Specifies whether to invalidate a token after an exchange is performed.

oneTimePassword

string^[0-9]{6}$

One time password that sent by email. This value must contain digits only.

Array of objects (Acl)

Access Control List (ACL) information.

Array

required	object Scope of the API key.
permissions required	Array of strings <operationId> If you are creating a restricted API key, use this field to specify individual permissions. Use the wildcard character `*` to provide full access.

object

property name*

additional property

any

expiredTime

string <date-time>

Date and time when the session expires. The default value is one hour after the createdTime value.

Responses

201

Authentication token exchanged for a JWT.

Response Headers
Location	string <uri> Location of the related resource. Example: "https://api.rebilly.com/example"

Response Schema: application/json

string <= 50 characters

ID of the session.

type

string

Type of session.

Value: "customer"

token

string

Token used for authentication.

customerId

string <= 50 characters

Customer resource ID.

Array of objects (Acl)

Access Control List (ACL) information.

Array

required	object Scope of the API key.
permissions required	Array of strings <operationId> If you are creating a restricted API key, use this field to specify individual permissions. Use the wildcard character `*` to provide full access.

object

property name*

additional property

any

createdTime

string <date-time> (CreatedTime)

Date and time which is set automatically when the resource is created.

updatedTime

string <date-time> (UpdatedTime)

Date and time which updates automatically when the resource is updated.

expiredTime

string <date-time>

Date and time when the session expires. The default value is one hour after the createdTime value.

Array of objects

Related links.

Array

href	string Link URL.
rel	string Type of link. Value: "customer"

401

Unauthorized access. Invalid credentials used.

403

Access forbidden.

404

Resource not found.

post/authentication-tokens/{token}/exchange

Request samples

application/json

{"invalidate": true,
"oneTimePassword": "123456",
"acl": [{"scope": {"organizationId": ["organizationId-id-1"
]
},
"permissions": ["PostFile",
"StorefrontGetAccount",
"StorefrontGetWebsite",
"StorefrontGetKycDocumentCollection",
"StorefrontGetKycDocument",
"StorefrontPostKycDocument"
]
}
],
"customClaims": {"documents": ["identity-proof",
"address-proof"
],
"redirectUrl": "https://mywebsite.com"
},
"expiredTime": "2019-08-24T14:15:22Z"
}

Response samples

application/json

{"id": "jwt_0YV7DEJX80CDRAKVTV478ZNJDR",
"type": "customer",
"token": "string",
"customerId": "cus_0YV7DDSDD1C8DA64KHH2W33CPF",
"acl": [{"scope": {"organizationId": ["organizationId-id-1"
]
},
"permissions": ["PostFile",
"StorefrontGetAccount",
"StorefrontGetWebsite",
"StorefrontGetKycDocumentCollection",
"StorefrontGetKycDocument",
"StorefrontPostKycDocument"
]
}
],
"customClaims": {"documents": ["identity-proof",
"address-proof"
],
"redirectUrl": "https://mywebsite.com"
},
"createdTime": "2019-08-24T14:15:22Z",
"updatedTime": "2019-08-24T14:15:22Z",
"expiredTime": "2019-08-24T14:15:22Z",
"_links": [{"href": "string",
"rel": "customer"
}
]
}

➔ Next to Retrieve credentials