Introduction
This is the specification of the Checkout Authentication API.
For the step-by-step instructions, see the Checkout Authentication API Guide.
Authentication Guide
The Authentication API enables seamless Identity Management with SCAYLE. It provides endpoints for user authentication (OAuth Client), token management (Bearer Auth), and integration with external identity providers such as Auth0, Salesforce, Google, or Apple SSO.
Please refer to SCAYLEs Authentication Guide to receive more information on
- Authentication flow
- Token handling
- Token lifetime
- Token revoke logic
- Available Identiy Provider
Authentication Methods
SCAYLE offers two options for user authentication:
| Method | Description |
|---|---|
| Authenticate via OAuth APIs | The OAuth Client API provides the user-facing endpoints, enabling e.g. user creation or login, handling password reset emails, and allowing users to update their passwords within a to be build form. |
| Authenticate via Single Sign-On | The API Endpoints for Single Sign-On can be used to handle Identity Provider redirects or callbacks. |
For advanced token management, SCAYLE provides the Bearer Auth APIs.
| Method | Description |
|---|---|
| Token Management via Bearer Auth | The Bearer Auth API is designed for overall token management, allowing validation, refreshing, revocation, or deletion of tokens. The Shop can also retrieve a list of active tokens, either individually or collectively. |
Getting Started
This API MUST only be used by backend services.
Base URL
The Authentication API is served over HTTPS. All URLs referenced in the documentation have the following base:
https://{{tenant-space}}.auth.scayle.cloud/v1
Header
- Authorization Bearer Token
- Content-Type application/json
To create a token:\
- Navigate to
Shops > Storefront > API keys. - Click + Generate OAuth Credentials.
- Enter a Name and click Create Token.
Make sure to store those credentials safely in your backend.
API Client
Before you can interact with the Authentication API, you have to create an API client in the SCAYLE Panel to obtain your client_id and client_secret.
Authorize
Basic Authentication
All API requests must be made over HTTPS. Calls made over plain HTTP will fail.
API requests without authentication will also fail.
Username and password are required for each API request.
- Password: A dedicated secret key unique to each subaccount.
Example bad response
{
"components": {
"responses": {
"BadRequest": {
"description": "Bad Request",
"content": {
"application/json": {
"schema": {
"title": "BadRequestResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "validation_error",
"message": "The property ID must be an integer.",
"context": {
"id": "abc123",
"context": {}
}
}
}
}
},
"UnauthorizedClient": {
"description": "Unauthorized",
"content": {
"application/json": {
"schema": {
"title": "UnauthorizedResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "INVALID_CLIENT",
"message": "Client authentication failed.",
"context": null
}
}
}
}
},
"schemas": {
"JwksResponse": {
"type": "object",
"required": [
"keys"
],
"properties": {
"keys": {
"type": "array",
"items": {
"type": "object",
"required": [
"alg",
"kty",
"use",
"x5c",
"x5t",
"n",
"e",
"kid"
],
"properties": {
"alg": {
"type": "string",
"example": "RS256",
"description": "Algorithm used for signing (e.g., RSA with SHA-256)"
},
"kty": {
"type": "string",
"example": "RSA",
"description": "Key type (e.g., RSA)"
},
"use": {
"type": "string",
"example": "sig",
"description": "How the key is intended to be used (e.g., \"sig\" for signatures)"
},
"x5c": {
"type": "array",
"items": {
"type": "string",
"example": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"description": "X.509 certificate chain in base64 encoded format"
}
},
"n": {
"type": "string",
"example": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"description": "RSA modulus component (base64 encoded)"
},
"e": {
"type": "string",
"example": "AQAB",
"description": "RSA public exponent component (base64 encoded)"
},
"kid": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "Key ID (identifier for the key)"
},
"x5t": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "X.509 certificate thumbprint (SHA-1 or other hash)"
}
}
}
}
}
},
"RegisterRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"password",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"pattern": "^[a-z0-9][-a-z0-9_\\+\\.]*[a-z0-9]@[a-z0-9][-a-z0-9\\.]*[a-z0-9]\\.[a-z]{2,16}$",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"LoginRequest": {
"type": "object",
"required": [
"email",
"password",
"shop_id"
],
"properties": {
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"GuestLoginRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"TokenPostRequest": {
"type": "object",
"required": [
"grant_type"
],
"properties": {
"grant_type": {
"type": "string",
"minLength": 1,
"example": "refresh_token",
"description": "OAuth grant type",
"enum": [
"refresh_token",
"authorization_code"
]
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b",
"description": "The refresh token"
},
"code": {
"type": "string",
"minLength": 1,
"example": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW",
"description": "The authorization code"
}
}
},
"AuthResponse": {
"type": "object",
"required": [
"token_type",
"expires_in",
"access_token",
"refresh_token"
],
"properties": {
"token_type": {
"type": "string",
"example": "Bearer",
"description": "The token type",
"enum": [
"Bearer"
]
},
"expires_in": {
"type": "integer",
"example": 2678400,
"description": "Expiration time in seconds of the Access Token"
},
"access_token": {
"type": "string",
"minLength": 1,
"example": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxIiwianRpIjoiYTdkNjc5ZWQwMWZhYzYxZjE5MTk0OGRlMDJlODE4ZGUzZmYwM2I5ODc5MzQ1Mjk5NmVkOGJlMDZmNWM3ZmUxZTA4Nzc4ZTllZGY3YTJkZDYiLCJpYXQiOjE2Nzc1ODIzOTguOTY0Nzk1LCJuYmYiOjE2Nzc1ODIzOTguOTY0ODA2LCJleHAiOjE3MDkxMTgzOTguOTU3OTk1LCJzdWIiOiIxIiwic2NvcGVzIjpbXSwiY3VzdG9tZXJJZCI6MTE3Mjk1NTF9.GBwEWogAUTVhdZJG8Ft4sxbUfgHwEHA6Tl-FTo4HzD-dWgssLb67ggCGfMStb_Oy2Y6kUc2LXqQr_yrismQPK9Al7xQLhvbLHDeKrFvOh8CeoP3GAUItuaadosKw7rHMWJgxOA3gLvwGiintEvEwwz3U5vAm7pMMPQYQ5l4dKtCy09AUeOFK1xTOcP299ua5BBavMAWMxfYdZWJQ7QVlz2Sz9rjeAVzIfpOmnXTO71t3yTHCBhPMwuvazzEtfLOw2hVlkpT99z_MlN_6BSKYXft1w5lKfvQBicwSQyYMgVNuYTp2y7xoO-J8sEMd75C3vXNTtcI2lLcE9sLpUnH44Ur4TmsJnUsyMmhvCawplmlkGuDImzjXJOaCprC0VfYl9UQGoqy7Bh9WK5A72Kjt6kj5F7SNoROapVy1qLvv0qJM9Nj1HBk51dQ3RDHrHIZUyamHC_NdjYWAenkNmbol12uqBh8YmcLOfAuM9FSQV2VlxugDJP0LiAaGNXiseUjZsz-9O5Nt3Wr9iKpy03P_2Ec0r8PyABZj0VyFpvfBZU0aPia4phe2iQkNV8Dtpp9KqrsOrwNM5WML24hFUaQHajrhNwszQstNEC4-F1t_fZhSKcAWLk5AVmhVnJfg3GVarySh09MlzgpjbUIxgvJlfq5wls_3SqoKZNz02rfirzc",
"description": "The accessToken to be included in secured API requests"
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999",
"description": "Refresh Tokens can be used to get a new access token without user interaction."
}
}
},
"TokenListResponse": {
"type": "object",
"required": [
"id",
"ip",
"user_agent",
"created_at",
"updated_at",
"expires_at"
],
"properties": {
"id": {
"type": "string",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"description": "Access Token Id"
},
"ip": {
"type": "string",
"example": "172.18.0.1",
"description": "Ip of the user"
},
"user_agent": {
"type": "string",
"example": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"description": "User agent of the user"
},
"created_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Creation date of the Access Token"
},
"updated_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Update date of the Access Token"
},
"expires_at": {
"type": "string",
"example": "2023-04-01T14:07:15.000Z",
"description": "Expiration date of the Access Token"
}
}
},
"ErrorResponse": {
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
}
},
"examples": {
"JwksResponse": {
"value": {
"keys": [
{
"alg": "RS256",
"kty": "RSA",
"use": "sig",
"x5c": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"n": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"e": "AQAB",
"kid": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"x5t": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg"
}
]
}
},
"RegisterRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"password": "test123",
"gender": "m",
"shop_id": 139
}
},
"LoginRequest": {
"value": {
"email": "testmail@aboutyou.com",
"password": "test123",
"shop_id": 139
}
},
"GuestLoginRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"gender": "m",
"shop_id": 139
}
},
"RefreshTokenRequest": {
"value": {
"grant_type": "refresh_token",
"refresh_token": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b"
}
},
"AuthCodeTokenRequest": {
"value": {
"grant_type": "authorization_code",
"code": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW"
}
},
"InvalidTokenResponse": {
"value": {
"error": "invalid_request",
"error_description": "The refresh token is invalid.",
"hint": "Token has been revoked",
"message": "The refresh token is invalid."
}
},
"InvalidGrandTypeResponse": {
"value": {
"error": "unsupported_grant_type",
"error_description": "The authorization grant type is not supported by the authorization server.",
"hint": "Check that all required parameters have been provided",
"message": "The authorization grant type is not supported by the authorization server."
}
},
"TokenListResponse": {
"value": [
{
"id": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:07:15",
"updated_at": "2023-03-01 14:07:15",
"expires_at": "2023-04-01T14:07:15.000000Z"
},
{
"id": "f170861f44987a12d2991f48714de614a4cc1866326f16c582f4fd106907f36557542ab9c1bceb5a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:21:10",
"updated_at": "2023-03-01 14:21:10",
"expires_at": "2023-04-01T14:21:10.000000Z"
}
]
},
"TokenGetResponse": {
"value": {
"id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"ip": "172.18.0.1",
"user_agent": "PostmanRuntime/7.33.0",
"created_at": "2023-11-22T09:26:40.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z",
"external_token": {
"idp_access_token": "eyJraWQiOiJpWk9tLUNxN0FXWmtQemdtWW5WT0o5WE1KT0xUR3E2ZkhNaWtoaEZUaGpjIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULm92T096ZU9wQlp6TWdnV3VDZVhzaEhIYjJnc0lqeURDV3BtYW5HSWtUTTAub2FyMWgycGVlYVhyRXdXZEU1ZDciLCJpc3MiOiJodHRwczovL2Rldi0xMzAzMjU0OC5va3RhLmNvbSIsImF1ZCI6Imh0dHBzOi8vZGV2LTEzMDMyNTQ4Lm9rdGEuY29tIiwic3ViIjoibHVrYXMucnV6aWNrYSt0ZXN0QHNjYXlsZS5jb20iLCJpYXQiOjE3MDA2NDUxODUsImV4cCI6MTcwMDY0ODc4NSwiY2lkIjoiMG9hY3F2djZ5Y2JmRHVrY2w1ZDciLCJ1aWQiOiIwMHVjd3g3bGpsTHhIMkdrazVkNyIsInNjcCI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiLCJvZmZsaW5lX2FjY2VzcyJdLCJhdXRoX3RpbWUiOjE3MDA2NDUxODJ9.pE6nYtI29Klih97g_VOZ8Km_3LPdA8dqD-EF34wDASm6S5m8m9huFKIpa6jBm7yymkxHhIUdWdOhD2NO12s6sxP0F7fCr-GmNf8uY3pZw8zSSa8i8JwtgoOWq2jHCdjgHabrtLM0r6NfO4fxDIVVaex_KkW1KEIa3QwArp-iUXXOS8xj0Y7veh6nfWNCQ-FHSCu4bkY6GPMBDF1GqyOp5nDAwxnnCs1jRah8kIwZl_BBoW_ctBRi1sKBwXPsCWde-wf5BcpjpZRMOBcAsGIW1GMbnIFEe8itAnNOycZ3eatw1XGzRvimLpV-UTG4Ggrw0bhuDdxSWET_jJeTJ5AX9w",
"oauth_access_token_id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"idp_key": "okta",
"created_at": "2023-11-22T09:26:26.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z"
}
}
},
"AuthResponse": {
"value": {
"token_type": "Bearer",
"expires_in": 2678400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI1IiwianRpIjoiZjE3MDg2MWY0NDk4N2ExMmQyOTkxZjQ4NzE0ZGU2MTRhNGNjMTg2NjMyNmYxNmM1ODJmNGZkMTA2OTA3ZjM2NTU3NTQyYWI5YzFiY2ViNWEiLCJpYXQiOjE2Nzc2ODA0NzAuNzc3NDI2LCJuYmYiOjE2Nzc2ODA0NzAuNzc3NDM3LCJleHAiOjE2ODAzNTg4NzAuNzU0ODQsInN1YiI6IjEiLCJzY29wZXMiOltdLCJjdXN0b21lcklkIjoxMTcyOTU1MX0.SMf4J2jFDfFAOJnWfhgn4nO3_udda1LhIuVt9r0z1-Aeu8VVdhT53W_zUDAXEIVW3ba2VYne-u8hFxWaT82QXEukRuO8Wn23ZTfjtD7-0mWTz_psrvlg5-DjYZFFXvQ6P6tT9rOc21ibkEYl14-Wd1Ie2zF7HUdOu939rEBcEVU5jmJ-zzyHn7d3Qb1Z7CJL-_EU341rgQyByUCfYTmDAKN6wmI9hGChzgFIDewbV3CHXOs0RjQD6v0fZRZIBb91cdNpw1gLvAY-FhqcenBmGbBx09K9TwBum1zlQYpH_DrBFxH2HEa72-jERJWjUmMBVkSZ_9fHpQkrG3v9h7lDEobfRsfpolF89xCPPl-ug2oz_gLojTsWFXXfchIN-i8CNn3tY4D08qqsOs5lsl-OyA_pievPdSz8Q04pMTjmK1K5myPqONeG6X2gf8BQg--A4weOGYjJIjyo_NcEJN8nCKseg6i06JF2tSQAe0QnOzuVvVOHb-4HlD2h3XF2emGRtxGVXtvFtq5UhFgu9QNmwC8NkLJHBNDTlx7zDybNpHz597usUGV-ye06DZPs0Cx0Ch_RNUO6vV4aQUe0BsiEb4ZGncWt09uqO5iio8IFJTieHYpphPQg99asYhkcGqt1ZMoc6TFpm3lmpZE6uEfzhcEmu9FZA21NTxRtUHLLc9Q",
"refresh_token": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999"
}
}
},
"parameters": {
"AccessTokenId": {
"name": "accessTokenId",
"in": "path",
"required": true,
"description": "The Access Token ID.",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"schema": {
"type": "string"
}
}
},
"securitySchemes": {
"BearerAuth": {
"type": "http",
"scheme": "bearer",
"description": "Bearer token obtained by the registraion and login endpoints. Provide your bearer token in the Authorization header when making requests to protected resources."
},
"BasicAuth": {
"type": "http",
"scheme": "basic",
"description": "Basic auth in form of client_id:client_secret. You can obtain the credentials from the SCAYLE Panel."
}
}
},
"type": "http",
"scheme": "basic",
"description": "Basic auth in form of client_id:client_secret. You can obtain the credentials from the SCAYLE Panel."
Example bad response
{
"components": {
"responses": {
"BadRequest": {
"description": "Bad Request",
"content": {
"application/json": {
"schema": {
"title": "BadRequestResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "validation_error",
"message": "The property ID must be an integer.",
"context": {
"id": "abc123",
"context": {}
}
}
}
}
},
"UnauthorizedClient": {
"description": "Unauthorized",
"content": {
"application/json": {
"schema": {
"title": "UnauthorizedResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "INVALID_CLIENT",
"message": "Client authentication failed.",
"context": null
}
}
}
}
},
"schemas": {
"JwksResponse": {
"type": "object",
"required": [
"keys"
],
"properties": {
"keys": {
"type": "array",
"items": {
"type": "object",
"required": [
"alg",
"kty",
"use",
"x5c",
"x5t",
"n",
"e",
"kid"
],
"properties": {
"alg": {
"type": "string",
"example": "RS256",
"description": "Algorithm used for signing (e.g., RSA with SHA-256)"
},
"kty": {
"type": "string",
"example": "RSA",
"description": "Key type (e.g., RSA)"
},
"use": {
"type": "string",
"example": "sig",
"description": "How the key is intended to be used (e.g., \"sig\" for signatures)"
},
"x5c": {
"type": "array",
"items": {
"type": "string",
"example": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"description": "X.509 certificate chain in base64 encoded format"
}
},
"n": {
"type": "string",
"example": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"description": "RSA modulus component (base64 encoded)"
},
"e": {
"type": "string",
"example": "AQAB",
"description": "RSA public exponent component (base64 encoded)"
},
"kid": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "Key ID (identifier for the key)"
},
"x5t": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "X.509 certificate thumbprint (SHA-1 or other hash)"
}
}
}
}
}
},
"RegisterRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"password",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"pattern": "^[a-z0-9][-a-z0-9_\\+\\.]*[a-z0-9]@[a-z0-9][-a-z0-9\\.]*[a-z0-9]\\.[a-z]{2,16}$",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"LoginRequest": {
"type": "object",
"required": [
"email",
"password",
"shop_id"
],
"properties": {
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"GuestLoginRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"TokenPostRequest": {
"type": "object",
"required": [
"grant_type"
],
"properties": {
"grant_type": {
"type": "string",
"minLength": 1,
"example": "refresh_token",
"description": "OAuth grant type",
"enum": [
"refresh_token",
"authorization_code"
]
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b",
"description": "The refresh token"
},
"code": {
"type": "string",
"minLength": 1,
"example": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW",
"description": "The authorization code"
}
}
},
"AuthResponse": {
"type": "object",
"required": [
"token_type",
"expires_in",
"access_token",
"refresh_token"
],
"properties": {
"token_type": {
"type": "string",
"example": "Bearer",
"description": "The token type",
"enum": [
"Bearer"
]
},
"expires_in": {
"type": "integer",
"example": 2678400,
"description": "Expiration time in seconds of the Access Token"
},
"access_token": {
"type": "string",
"minLength": 1,
"example": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxIiwianRpIjoiYTdkNjc5ZWQwMWZhYzYxZjE5MTk0OGRlMDJlODE4ZGUzZmYwM2I5ODc5MzQ1Mjk5NmVkOGJlMDZmNWM3ZmUxZTA4Nzc4ZTllZGY3YTJkZDYiLCJpYXQiOjE2Nzc1ODIzOTguOTY0Nzk1LCJuYmYiOjE2Nzc1ODIzOTguOTY0ODA2LCJleHAiOjE3MDkxMTgzOTguOTU3OTk1LCJzdWIiOiIxIiwic2NvcGVzIjpbXSwiY3VzdG9tZXJJZCI6MTE3Mjk1NTF9.GBwEWogAUTVhdZJG8Ft4sxbUfgHwEHA6Tl-FTo4HzD-dWgssLb67ggCGfMStb_Oy2Y6kUc2LXqQr_yrismQPK9Al7xQLhvbLHDeKrFvOh8CeoP3GAUItuaadosKw7rHMWJgxOA3gLvwGiintEvEwwz3U5vAm7pMMPQYQ5l4dKtCy09AUeOFK1xTOcP299ua5BBavMAWMxfYdZWJQ7QVlz2Sz9rjeAVzIfpOmnXTO71t3yTHCBhPMwuvazzEtfLOw2hVlkpT99z_MlN_6BSKYXft1w5lKfvQBicwSQyYMgVNuYTp2y7xoO-J8sEMd75C3vXNTtcI2lLcE9sLpUnH44Ur4TmsJnUsyMmhvCawplmlkGuDImzjXJOaCprC0VfYl9UQGoqy7Bh9WK5A72Kjt6kj5F7SNoROapVy1qLvv0qJM9Nj1HBk51dQ3RDHrHIZUyamHC_NdjYWAenkNmbol12uqBh8YmcLOfAuM9FSQV2VlxugDJP0LiAaGNXiseUjZsz-9O5Nt3Wr9iKpy03P_2Ec0r8PyABZj0VyFpvfBZU0aPia4phe2iQkNV8Dtpp9KqrsOrwNM5WML24hFUaQHajrhNwszQstNEC4-F1t_fZhSKcAWLk5AVmhVnJfg3GVarySh09MlzgpjbUIxgvJlfq5wls_3SqoKZNz02rfirzc",
"description": "The accessToken to be included in secured API requests"
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999",
"description": "Refresh Tokens can be used to get a new access token without user interaction."
}
}
},
"TokenListResponse": {
"type": "object",
"required": [
"id",
"ip",
"user_agent",
"created_at",
"updated_at",
"expires_at"
],
"properties": {
"id": {
"type": "string",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"description": "Access Token Id"
},
"ip": {
"type": "string",
"example": "172.18.0.1",
"description": "Ip of the user"
},
"user_agent": {
"type": "string",
"example": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"description": "User agent of the user"
},
"created_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Creation date of the Access Token"
},
"updated_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Update date of the Access Token"
},
"expires_at": {
"type": "string",
"example": "2023-04-01T14:07:15.000Z",
"description": "Expiration date of the Access Token"
}
}
},
"ErrorResponse": {
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
}
},
"examples": {
"JwksResponse": {
"value": {
"keys": [
{
"alg": "RS256",
"kty": "RSA",
"use": "sig",
"x5c": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"n": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"e": "AQAB",
"kid": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"x5t": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg"
}
]
}
},
"RegisterRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"password": "test123",
"gender": "m",
"shop_id": 139
}
},
"LoginRequest": {
"value": {
"email": "testmail@aboutyou.com",
"password": "test123",
"shop_id": 139
}
},
"GuestLoginRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"gender": "m",
"shop_id": 139
}
},
"RefreshTokenRequest": {
"value": {
"grant_type": "refresh_token",
"refresh_token": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b"
}
},
"AuthCodeTokenRequest": {
"value": {
"grant_type": "authorization_code",
"code": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW"
}
},
"InvalidTokenResponse": {
"value": {
"error": "invalid_request",
"error_description": "The refresh token is invalid.",
"hint": "Token has been revoked",
"message": "The refresh token is invalid."
}
},
"InvalidGrandTypeResponse": {
"value": {
"error": "unsupported_grant_type",
"error_description": "The authorization grant type is not supported by the authorization server.",
"hint": "Check that all required parameters have been provided",
"message": "The authorization grant type is not supported by the authorization server."
}
},
"TokenListResponse": {
"value": [
{
"id": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:07:15",
"updated_at": "2023-03-01 14:07:15",
"expires_at": "2023-04-01T14:07:15.000000Z"
},
{
"id": "f170861f44987a12d2991f48714de614a4cc1866326f16c582f4fd106907f36557542ab9c1bceb5a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:21:10",
"updated_at": "2023-03-01 14:21:10",
"expires_at": "2023-04-01T14:21:10.000000Z"
}
]
},
"TokenGetResponse": {
"value": {
"id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"ip": "172.18.0.1",
"user_agent": "PostmanRuntime/7.33.0",
"created_at": "2023-11-22T09:26:40.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z",
"external_token": {
"idp_access_token": "eyJraWQiOiJpWk9tLUNxN0FXWmtQemdtWW5WT0o5WE1KT0xUR3E2ZkhNaWtoaEZUaGpjIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULm92T096ZU9wQlp6TWdnV3VDZVhzaEhIYjJnc0lqeURDV3BtYW5HSWtUTTAub2FyMWgycGVlYVhyRXdXZEU1ZDciLCJpc3MiOiJodHRwczovL2Rldi0xMzAzMjU0OC5va3RhLmNvbSIsImF1ZCI6Imh0dHBzOi8vZGV2LTEzMDMyNTQ4Lm9rdGEuY29tIiwic3ViIjoibHVrYXMucnV6aWNrYSt0ZXN0QHNjYXlsZS5jb20iLCJpYXQiOjE3MDA2NDUxODUsImV4cCI6MTcwMDY0ODc4NSwiY2lkIjoiMG9hY3F2djZ5Y2JmRHVrY2w1ZDciLCJ1aWQiOiIwMHVjd3g3bGpsTHhIMkdrazVkNyIsInNjcCI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiLCJvZmZsaW5lX2FjY2VzcyJdLCJhdXRoX3RpbWUiOjE3MDA2NDUxODJ9.pE6nYtI29Klih97g_VOZ8Km_3LPdA8dqD-EF34wDASm6S5m8m9huFKIpa6jBm7yymkxHhIUdWdOhD2NO12s6sxP0F7fCr-GmNf8uY3pZw8zSSa8i8JwtgoOWq2jHCdjgHabrtLM0r6NfO4fxDIVVaex_KkW1KEIa3QwArp-iUXXOS8xj0Y7veh6nfWNCQ-FHSCu4bkY6GPMBDF1GqyOp5nDAwxnnCs1jRah8kIwZl_BBoW_ctBRi1sKBwXPsCWde-wf5BcpjpZRMOBcAsGIW1GMbnIFEe8itAnNOycZ3eatw1XGzRvimLpV-UTG4Ggrw0bhuDdxSWET_jJeTJ5AX9w",
"oauth_access_token_id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"idp_key": "okta",
"created_at": "2023-11-22T09:26:26.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z"
}
}
},
"AuthResponse": {
"value": {
"token_type": "Bearer",
"expires_in": 2678400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI1IiwianRpIjoiZjE3MDg2MWY0NDk4N2ExMmQyOTkxZjQ4NzE0ZGU2MTRhNGNjMTg2NjMyNmYxNmM1ODJmNGZkMTA2OTA3ZjM2NTU3NTQyYWI5YzFiY2ViNWEiLCJpYXQiOjE2Nzc2ODA0NzAuNzc3NDI2LCJuYmYiOjE2Nzc2ODA0NzAuNzc3NDM3LCJleHAiOjE2ODAzNTg4NzAuNzU0ODQsInN1YiI6IjEiLCJzY29wZXMiOltdLCJjdXN0b21lcklkIjoxMTcyOTU1MX0.SMf4J2jFDfFAOJnWfhgn4nO3_udda1LhIuVt9r0z1-Aeu8VVdhT53W_zUDAXEIVW3ba2VYne-u8hFxWaT82QXEukRuO8Wn23ZTfjtD7-0mWTz_psrvlg5-DjYZFFXvQ6P6tT9rOc21ibkEYl14-Wd1Ie2zF7HUdOu939rEBcEVU5jmJ-zzyHn7d3Qb1Z7CJL-_EU341rgQyByUCfYTmDAKN6wmI9hGChzgFIDewbV3CHXOs0RjQD6v0fZRZIBb91cdNpw1gLvAY-FhqcenBmGbBx09K9TwBum1zlQYpH_DrBFxH2HEa72-jERJWjUmMBVkSZ_9fHpQkrG3v9h7lDEobfRsfpolF89xCPPl-ug2oz_gLojTsWFXXfchIN-i8CNn3tY4D08qqsOs5lsl-OyA_pievPdSz8Q04pMTjmK1K5myPqONeG6X2gf8BQg--A4weOGYjJIjyo_NcEJN8nCKseg6i06JF2tSQAe0QnOzuVvVOHb-4HlD2h3XF2emGRtxGVXtvFtq5UhFgu9QNmwC8NkLJHBNDTlx7zDybNpHz597usUGV-ye06DZPs0Cx0Ch_RNUO6vV4aQUe0BsiEb4ZGncWt09uqO5iio8IFJTieHYpphPQg99asYhkcGqt1ZMoc6TFpm3lmpZE6uEfzhcEmu9FZA21NTxRtUHLLc9Q",
"refresh_token": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999"
}
}
},
"parameters": {
"AccessTokenId": {
"name": "accessTokenId",
"in": "path",
"required": true,
"description": "The Access Token ID.",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"schema": {
"type": "string"
}
}
},
"securitySchemes": {
"BearerAuth": {
"type": "http",
"scheme": "bearer",
"description": "Bearer token obtained by the registraion and login endpoints. Provide your bearer token in the Authorization header when making requests to protected resources."
},
"BasicAuth": {
"type": "http",
"scheme": "basic",
"description": "Basic auth in form of client_id:client_secret. You can obtain the credentials from the SCAYLE Panel."
}
}
},
"type": "http",
"scheme": "basic",
"description": "Basic auth in form of client_id:client_secret. You can obtain the credentials from the SCAYLE Panel."
}}
Bearer Auth
Auth response
{
"token_type": "Bearer",
"expires_in": 2678400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI1IiwianRpIjoiZjE3MDg2MWY0NDk4N2ExMmQyOTkxZjQ4NzE0ZGU2MTRhNGNjMTg2NjMyNmYxNmM1ODJmNGZkMTA2OTA3ZjM2NTU3NTQyYWI5YzFiY2ViNWEiLCJpYXQiOjE2Nzc2ODA0NzAuNzc3NDI2LCJuYmYiOjE2Nzc2ODA0NzAuNzc3NDM3LCJleHAiOjE2ODAzNTg4NzAuNzU0ODQsInN1YiI6IjEiLCJzY29wZXMiOltdLCJjdXN0b21lcklkIjoxMTcyOTU1MX0.SMf4J2jFDfFAOJnWfhgn4nO3_udda1LhIuVt9r0z1-Aeu8VVdhT53W_zUDAXEIVW3ba2VYne-u8hFxWaT82QXEukRuO8Wn23ZTfjtD7-0mWTz_psrvlg5-DjYZFFXvQ6P6tT9rOc21ibkEYl14-Wd1Ie2zF7HUdOu939rEBcEVU5jmJ-zzyHn7d3Qb1Z7CJL-_EU341rgQyByUCfYTmDAKN6wmI9hGChzgFIDewbV3CHXOs0RjQD6v0fZRZIBb91cdNpw1gLvAY-FhqcenBmGbBx09K9TwBum1zlQYpH_DrBFxH2HEa72-jERJWjUmMBVkSZ_9fHpQkrG3v9h7lDEobfRsfpolF89xCPPl-ug2oz_gLojTsWFXXfchIN-i8CNn3tY4D08qqsOs5lsl-OyA_pievPdSz8Q04pMTjmK1K5myPqONeG6X2gf8BQg--A4weOGYjJIjyo_NcEJN8nCKseg6i06JF2tSQAe0QnOzuVvVOHb-4HlD2h3XF2emGRtxGVXtvFtq5UhFgu9QNmwC8NkLJHBNDTlx7zDybNpHz597usUGV-ye06DZPs0Cx0Ch_RNUO6vV4aQUe0BsiEb4ZGncWt09uqO5iio8IFJTieHYpphPQg99asYhkcGqt1ZMoc6TFpm3lmpZE6uEfzhcEmu9FZA21NTxRtUHLLc9Q",
"refresh_token": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999"
}
Example bad response
{
"components": {
"responses": {
"BadRequest": {
"description": "Bad Request",
"content": {
"application/json": {
"schema": {
"title": "BadRequestResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "validation_error",
"message": "The property ID must be an integer.",
"context": {
"id": "abc123",
"context": {}
}
}
}
}
},
"UnauthorizedClient": {
"description": "Unauthorized",
"content": {
"application/json": {
"schema": {
"title": "UnauthorizedResponse",
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
},
"example": {
"error": "INVALID_CLIENT",
"message": "Client authentication failed.",
"context": null
}
}
}
}
},
"schemas": {
"JwksResponse": {
"type": "object",
"required": [
"keys"
],
"properties": {
"keys": {
"type": "array",
"items": {
"type": "object",
"required": [
"alg",
"kty",
"use",
"x5c",
"x5t",
"n",
"e",
"kid"
],
"properties": {
"alg": {
"type": "string",
"example": "RS256",
"description": "Algorithm used for signing (e.g., RSA with SHA-256)"
},
"kty": {
"type": "string",
"example": "RSA",
"description": "Key type (e.g., RSA)"
},
"use": {
"type": "string",
"example": "sig",
"description": "How the key is intended to be used (e.g., \"sig\" for signatures)"
},
"x5c": {
"type": "array",
"items": {
"type": "string",
"example": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"description": "X.509 certificate chain in base64 encoded format"
}
},
"n": {
"type": "string",
"example": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"description": "RSA modulus component (base64 encoded)"
},
"e": {
"type": "string",
"example": "AQAB",
"description": "RSA public exponent component (base64 encoded)"
},
"kid": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "Key ID (identifier for the key)"
},
"x5t": {
"type": "string",
"example": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"description": "X.509 certificate thumbprint (SHA-1 or other hash)"
}
}
}
}
}
},
"RegisterRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"password",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"pattern": "^[a-z0-9][-a-z0-9_\\+\\.]*[a-z0-9]@[a-z0-9][-a-z0-9\\.]*[a-z0-9]\\.[a-z]{2,16}$",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"LoginRequest": {
"type": "object",
"required": [
"email",
"password",
"shop_id"
],
"properties": {
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"password": {
"type": "string",
"minLength": 1,
"example": "A2$z44a-",
"description": "The password of the user"
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"GuestLoginRequest": {
"type": "object",
"required": [
"first_name",
"last_name",
"email",
"gender",
"shop_id"
],
"properties": {
"first_name": {
"type": "string",
"minLength": 1,
"example": "Max",
"description": "The first name of the user"
},
"last_name": {
"type": "string",
"minLength": 1,
"example": "Mustermann",
"description": "The last name of the user"
},
"email": {
"type": "string",
"minLength": 1,
"example": "testuser@aboutyou.com",
"description": "The Email address of the user"
},
"gender": {
"type": "string",
"example": "f",
"description": "The gender of the user",
"enum": [
"m",
"f",
"d"
]
},
"shop_id": {
"type": "integer",
"example": 139,
"description": "Shop ID"
}
}
},
"TokenPostRequest": {
"type": "object",
"required": [
"grant_type"
],
"properties": {
"grant_type": {
"type": "string",
"minLength": 1,
"example": "refresh_token",
"description": "OAuth grant type",
"enum": [
"refresh_token",
"authorization_code"
]
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b",
"description": "The refresh token"
},
"code": {
"type": "string",
"minLength": 1,
"example": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW",
"description": "The authorization code"
}
}
},
"AuthResponse": {
"type": "object",
"required": [
"token_type",
"expires_in",
"access_token",
"refresh_token"
],
"properties": {
"token_type": {
"type": "string",
"example": "Bearer",
"description": "The token type",
"enum": [
"Bearer"
]
},
"expires_in": {
"type": "integer",
"example": 2678400,
"description": "Expiration time in seconds of the Access Token"
},
"access_token": {
"type": "string",
"minLength": 1,
"example": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiIxIiwianRpIjoiYTdkNjc5ZWQwMWZhYzYxZjE5MTk0OGRlMDJlODE4ZGUzZmYwM2I5ODc5MzQ1Mjk5NmVkOGJlMDZmNWM3ZmUxZTA4Nzc4ZTllZGY3YTJkZDYiLCJpYXQiOjE2Nzc1ODIzOTguOTY0Nzk1LCJuYmYiOjE2Nzc1ODIzOTguOTY0ODA2LCJleHAiOjE3MDkxMTgzOTguOTU3OTk1LCJzdWIiOiIxIiwic2NvcGVzIjpbXSwiY3VzdG9tZXJJZCI6MTE3Mjk1NTF9.GBwEWogAUTVhdZJG8Ft4sxbUfgHwEHA6Tl-FTo4HzD-dWgssLb67ggCGfMStb_Oy2Y6kUc2LXqQr_yrismQPK9Al7xQLhvbLHDeKrFvOh8CeoP3GAUItuaadosKw7rHMWJgxOA3gLvwGiintEvEwwz3U5vAm7pMMPQYQ5l4dKtCy09AUeOFK1xTOcP299ua5BBavMAWMxfYdZWJQ7QVlz2Sz9rjeAVzIfpOmnXTO71t3yTHCBhPMwuvazzEtfLOw2hVlkpT99z_MlN_6BSKYXft1w5lKfvQBicwSQyYMgVNuYTp2y7xoO-J8sEMd75C3vXNTtcI2lLcE9sLpUnH44Ur4TmsJnUsyMmhvCawplmlkGuDImzjXJOaCprC0VfYl9UQGoqy7Bh9WK5A72Kjt6kj5F7SNoROapVy1qLvv0qJM9Nj1HBk51dQ3RDHrHIZUyamHC_NdjYWAenkNmbol12uqBh8YmcLOfAuM9FSQV2VlxugDJP0LiAaGNXiseUjZsz-9O5Nt3Wr9iKpy03P_2Ec0r8PyABZj0VyFpvfBZU0aPia4phe2iQkNV8Dtpp9KqrsOrwNM5WML24hFUaQHajrhNwszQstNEC4-F1t_fZhSKcAWLk5AVmhVnJfg3GVarySh09MlzgpjbUIxgvJlfq5wls_3SqoKZNz02rfirzc",
"description": "The accessToken to be included in secured API requests"
},
"refresh_token": {
"type": "string",
"minLength": 1,
"example": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999",
"description": "Refresh Tokens can be used to get a new access token without user interaction."
}
}
},
"TokenListResponse": {
"type": "object",
"required": [
"id",
"ip",
"user_agent",
"created_at",
"updated_at",
"expires_at"
],
"properties": {
"id": {
"type": "string",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"description": "Access Token Id"
},
"ip": {
"type": "string",
"example": "172.18.0.1",
"description": "Ip of the user"
},
"user_agent": {
"type": "string",
"example": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"description": "User agent of the user"
},
"created_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Creation date of the Access Token"
},
"updated_at": {
"type": "string",
"example": "2023-03-01T14:07:15.000Z",
"description": "Update date of the Access Token"
},
"expires_at": {
"type": "string",
"example": "2023-04-01T14:07:15.000Z",
"description": "Expiration date of the Access Token"
}
}
},
"ErrorResponse": {
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "string",
"description": "A key that describes the occurred error."
},
"error_description": {
"type": "string",
"description": "Some human readable description of the error."
},
"hint": {
"type": "string",
"description": "Hint of what caused the error."
},
"message": {
"type": "string",
"description": "Additional message."
},
"context": {
"type": "object",
"description": "Additional context to interpret the error message."
}
}
}
},
"examples": {
"JwksResponse": {
"value": {
"keys": [
{
"alg": "RS256",
"kty": "RSA",
"use": "sig",
"x5c": [
"MIIC+DCCAeCgAwIBAgIJBIGjYW6hFpn2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTAeFw0xNjExMjIyMjIyMDVaFw0zMDA4MDEyMjIyMDVaMCMxITAfBgNVBAMTGGN1c3RvbWVyLWRlbW9zLmF1dGgwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMnjZc5bm/eGIHq09N9HKHahM7Y31P0ul+A2wwP4lSpIwFrWHzxw88/7Dwk9QMc+orGXX95R6av4GF+Es/nG3uK45ooMVMa/hYCh0Mtx3gnSuoTavQEkLzCvSwTqVwzZ+5noukWVqJuMKNwjL77GNcPLY7Xy2/skMCT5bR8UoWaufooQvYq6SyPcRAU4BtdquZRiBT4U5f+4pwNTxSvey7ki50yc1tG49Per/0zA4O6Tlpv8x7Red6m1bCNHt7+Z5nSl3RX/QYyAEUX1a28VcYmR41Osy+o2OUCXYdUAphDaHo4/8rbKTJhlu8jEcc1KoMXAKjgaVZtG/v5ltx6AXY0CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUQxFG602h1cG+pnyvJoy9pGJJoCswDQYJKoZIhvcNAQEFBQADggEBAGvtCbzGNBUJPLICth3mLsX0Z4z8T8iu4tyoiuAshP/Ry/ZBnFnXmhD8vwgMZ2lTgUWwlrvlgN+fAtYKnwFO2G3BOCFw96Nm8So9sjTda9CCZ3dhoH57F/hVMBB0K6xhklAc0b5ZxUpCIN92v/w+xZoz1XQBHe8ZbRHaP1HpRM4M7DJk2G5cgUCyu3UBvYS41sHvzrxQ3z7vIePRA4WF4bEkfX12gvny0RsPkrbVMXX1Rj9t6V7QXrbPYBAO+43JvDGYawxYVvLhz+BJ45x50GFQmHszfY3BR9TPK8xmMmQwtIvLu1PMttNCs7niCYkSiUv2sc2mlq1i3IashGkkgmo="
],
"n": "yeNlzlub94YgerT030codqEztjfU_S6X4DbDA_iVKkjAWtYfPHDzz_sPCT1Axz6isZdf3lHpq_gYX4Sz-cbe4rjmigxUxr-FgKHQy3HeCdK6hNq9ASQvMK9LBOpXDNn7mei6RZWom4wo3CMvvsY1w8tjtfLb-yQwJPltHxShZq5-ihC9irpLI9xEBTgG12q5lGIFPhTl_7inA1PFK97LuSLnTJzW0bj096v_TMDg7pOWm_zHtF53qbVsI0e3v5nmdKXdFf9BjIARRfVrbxVxiZHjU6zL6jY5QJdh1QCmENoejj_ytspMmGW7yMRxzUqgxcAqOBpVm0b-_mW3HoBdjQ",
"e": "AQAB",
"kid": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg",
"x5t": "NjVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg"
}
]
}
},
"RegisterRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"password": "test123",
"gender": "m",
"shop_id": 139
}
},
"LoginRequest": {
"value": {
"email": "testmail@aboutyou.com",
"password": "test123",
"shop_id": 139
}
},
"GuestLoginRequest": {
"value": {
"first_name": "Max",
"last_name": "Mustermann",
"email": "max.mustermann@aboutyou.com",
"gender": "m",
"shop_id": 139
}
},
"RefreshTokenRequest": {
"value": {
"grant_type": "refresh_token",
"refresh_token": "def502006e21b4d0c6f154dd21a6fa273dc7dd9856606add87d5aa4a5078bdca44c9d3477f56981450ad40846665183e5ba19d16f4b020e53311e4729d5463cf7b2d79fb72f85c3a4ecb3aea1d881e7a2a1784ca7dc991c1e80066ef55b6c4c50731baa5d81f4ba98685773e24a6ef491490a46a78edfac6d5ff830138d5b946cdbfd71d469328cf5537cef20518097ea3f7664ccda2f061e881671e7647daad0344211e6d4e4dbc2662ad236190508fe68900c4b2deb4e57503af6dcce09c1694fe34c1fb08959b81fd356bf7406b0b8bc36d5f79a2ea939ad83b6d75b54034912992d1faa6f2c4ada225896212769c9d4e96d896a5c9cffbfd025e8dd6bee651b3e0f7e93910593c1a3570d3522bf6a9143b09c44339ea0170d87b153dfafe9a7adeddf59dd9181ad705573d72b0149de9af5fab053c1d409b3d32d6535d4042dc27bd94b198e7aa2756a9391e6c672bcbb1b7795d3045223c81fe15e86db68b"
}
},
"AuthCodeTokenRequest": {
"value": {
"grant_type": "authorization_code",
"code": "IwD3at7PzwlJ9OzdkPfolEgHtk0Cb7XocFkLQ6JW"
}
},
"InvalidTokenResponse": {
"value": {
"error": "invalid_request",
"error_description": "The refresh token is invalid.",
"hint": "Token has been revoked",
"message": "The refresh token is invalid."
}
},
"InvalidGrandTypeResponse": {
"value": {
"error": "unsupported_grant_type",
"error_description": "The authorization grant type is not supported by the authorization server.",
"hint": "Check that all required parameters have been provided",
"message": "The authorization grant type is not supported by the authorization server."
}
},
"TokenListResponse": {
"value": [
{
"id": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:07:15",
"updated_at": "2023-03-01 14:07:15",
"expires_at": "2023-04-01T14:07:15.000000Z"
},
{
"id": "f170861f44987a12d2991f48714de614a4cc1866326f16c582f4fd106907f36557542ab9c1bceb5a",
"ip": "172.18.0.1",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"created_at": "2023-03-01 14:21:10",
"updated_at": "2023-03-01 14:21:10",
"expires_at": "2023-04-01T14:21:10.000000Z"
}
]
},
"TokenGetResponse": {
"value": {
"id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"ip": "172.18.0.1",
"user_agent": "PostmanRuntime/7.33.0",
"created_at": "2023-11-22T09:26:40.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z",
"external_token": {
"idp_access_token": "eyJraWQiOiJpWk9tLUNxN0FXWmtQemdtWW5WT0o5WE1KT0xUR3E2ZkhNaWtoaEZUaGpjIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULm92T096ZU9wQlp6TWdnV3VDZVhzaEhIYjJnc0lqeURDV3BtYW5HSWtUTTAub2FyMWgycGVlYVhyRXdXZEU1ZDciLCJpc3MiOiJodHRwczovL2Rldi0xMzAzMjU0OC5va3RhLmNvbSIsImF1ZCI6Imh0dHBzOi8vZGV2LTEzMDMyNTQ4Lm9rdGEuY29tIiwic3ViIjoibHVrYXMucnV6aWNrYSt0ZXN0QHNjYXlsZS5jb20iLCJpYXQiOjE3MDA2NDUxODUsImV4cCI6MTcwMDY0ODc4NSwiY2lkIjoiMG9hY3F2djZ5Y2JmRHVrY2w1ZDciLCJ1aWQiOiIwMHVjd3g3bGpsTHhIMkdrazVkNyIsInNjcCI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiLCJvZmZsaW5lX2FjY2VzcyJdLCJhdXRoX3RpbWUiOjE3MDA2NDUxODJ9.pE6nYtI29Klih97g_VOZ8Km_3LPdA8dqD-EF34wDASm6S5m8m9huFKIpa6jBm7yymkxHhIUdWdOhD2NO12s6sxP0F7fCr-GmNf8uY3pZw8zSSa8i8JwtgoOWq2jHCdjgHabrtLM0r6NfO4fxDIVVaex_KkW1KEIa3QwArp-iUXXOS8xj0Y7veh6nfWNCQ-FHSCu4bkY6GPMBDF1GqyOp5nDAwxnnCs1jRah8kIwZl_BBoW_ctBRi1sKBwXPsCWde-wf5BcpjpZRMOBcAsGIW1GMbnIFEe8itAnNOycZ3eatw1XGzRvimLpV-UTG4Ggrw0bhuDdxSWET_jJeTJ5AX9w",
"oauth_access_token_id": "0f832a44b33fb0565942c730f0d040b696186b37691c95e05f0551429fa532ded0d803320217b455",
"idp_key": "okta",
"created_at": "2023-11-22T09:26:26.000000Z",
"updated_at": "2023-11-22T09:26:40.000000Z",
"expires_at": "2023-11-22T10:26:26.000000Z"
}
}
},
"AuthResponse": {
"value": {
"token_type": "Bearer",
"expires_in": 2678400,
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI1IiwianRpIjoiZjE3MDg2MWY0NDk4N2ExMmQyOTkxZjQ4NzE0ZGU2MTRhNGNjMTg2NjMyNmYxNmM1ODJmNGZkMTA2OTA3ZjM2NTU3NTQyYWI5YzFiY2ViNWEiLCJpYXQiOjE2Nzc2ODA0NzAuNzc3NDI2LCJuYmYiOjE2Nzc2ODA0NzAuNzc3NDM3LCJleHAiOjE2ODAzNTg4NzAuNzU0ODQsInN1YiI6IjEiLCJzY29wZXMiOltdLCJjdXN0b21lcklkIjoxMTcyOTU1MX0.SMf4J2jFDfFAOJnWfhgn4nO3_udda1LhIuVt9r0z1-Aeu8VVdhT53W_zUDAXEIVW3ba2VYne-u8hFxWaT82QXEukRuO8Wn23ZTfjtD7-0mWTz_psrvlg5-DjYZFFXvQ6P6tT9rOc21ibkEYl14-Wd1Ie2zF7HUdOu939rEBcEVU5jmJ-zzyHn7d3Qb1Z7CJL-_EU341rgQyByUCfYTmDAKN6wmI9hGChzgFIDewbV3CHXOs0RjQD6v0fZRZIBb91cdNpw1gLvAY-FhqcenBmGbBx09K9TwBum1zlQYpH_DrBFxH2HEa72-jERJWjUmMBVkSZ_9fHpQkrG3v9h7lDEobfRsfpolF89xCPPl-ug2oz_gLojTsWFXXfchIN-i8CNn3tY4D08qqsOs5lsl-OyA_pievPdSz8Q04pMTjmK1K5myPqONeG6X2gf8BQg--A4weOGYjJIjyo_NcEJN8nCKseg6i06JF2tSQAe0QnOzuVvVOHb-4HlD2h3XF2emGRtxGVXtvFtq5UhFgu9QNmwC8NkLJHBNDTlx7zDybNpHz597usUGV-ye06DZPs0Cx0Ch_RNUO6vV4aQUe0BsiEb4ZGncWt09uqO5iio8IFJTieHYpphPQg99asYhkcGqt1ZMoc6TFpm3lmpZE6uEfzhcEmu9FZA21NTxRtUHLLc9Q",
"refresh_token": "def50200e47c39150262586222c6b1f9c700b386f2214fc33945a775f574c5902a0b919e701ec9fbfdbc3517d59936e8748443c8ca568d04616056b0755ef59a0281ac53ebec032f7f6155b2bf4cdf7cb845ff0639cc622cfbc1b0c9d72fb443e94f614ee87399f2bd593474b7cab30d4ea6b226c173989f3518ae616c2c8edb502f975c34c569cd70d326d7c9cf440a7f5e2f47f066c562064e9291e3ecd9cbf2a9df0989a48aa2732425478720319be7a3a235ac68c17bb3203b8fd1ba5fcdc71e205c8083b343df68bbfada6abc3d3c1d60eacdcef7d7d9a915e39a0c589766c6315f40c8af0b74af8cea9e230650c47fd425a0b7292862bc753cb97004ec8b505b7a37023ebc2ad3987c6693cbce5abb8e36f74e3b22e0b2d256f5845bbe63d4fddf2752a6a73e4229daa5f3f2c93f54121c58528b1a28f6bf347f1284d3145634ccd8552d7a05d8a086a212a2da2775a93a7ade1c8a42e309085a2a121999"
}
}
},
"parameters": {
"AccessTokenId": {
"name": "accessTokenId",
"in": "path",
"required": true,
"description": "The Access Token ID.",
"example": "0100cc93812b9eb969e43643a2a63dd81a7c652d49745122d67acfcfee809c6527fccf5f88f6328a",
"schema": {
"type": "string"
}
}
},
"securitySchemes": {
"BearerAuth": {
"type": "http",
"scheme": "bearer",
"description": "Bearer token obtained by the registraion and login endpoints. Provide your bearer token in the Authorization header when making requests to protected resources."
},
"BasicAuth": {
"type": "http",
"scheme": "basic",
"description": "Basic auth in form of client_id:client_secret. You can obtain the credentials from the SCAYLE Panel."
}
}
},
"type": "http",
"scheme": "bearer",
"description": "Bearer token obtained by the registraion and login endpoints. Provide your bearer token in the Authorization header when making requests to protected resources."
}
Understand Authentication APIs
Limitations
In order to understand Prerequisites and Limitations, please refer to the Authentication Guide.
Best Practises
Detailed information on the usage of access token and refresh token as well as overall token handling can be found within the Authentication Guide.
Download Full Reference
Using Postman or similar tools? You can download this reference as a JSON file and import it to start sending requests directly.
