1. User Authentication

Access Token

To call an API method from the WMS API Extension you need to be authenticated within application and obtain an access token. The following steps must be performed to obtain an access token:

1. First step is to get an authentication token using your SocrateCloud email and password

• make a HTTP GET request to method:

  • https://api.socratecloud.com/swms/rest/auth/userAuth?email=username@domain.com&password=userpass

•  request result should be a valid authentication token

  • eg.: y2apKHudbCLQF0RWFGU7sKNmT5zvKecg

2. Get access token, using authentication token received at step 1

• make a HTTP GET request to method:

  •  https://api.socratecloud.com/swms/rest/auth/userRoles?authToken=y2apKHudbCLQF0RWFGU7sKNmT5zvKecg

• request result is a JSON object that contains a list of valid access tokens for each Tenant/Role that user belongs, as shown below

{"data":[{"AD_Client_ID":2140900001,

            "AD_Role_ID":1000002,

            "AD_User_ID":1000054,

            "ClientName":"TEST1",

            "RoleName":"Rol Admin",

            "UserName":"User Name",

            "accessToken":"b0C3Kf4SdM7ZQEwfW1rw4eRQ81HexwCj"},

            {"AD_Client_ID":1000001,

            "AD_Role_ID":1000058,

            "AD_User_ID":1000873,

            "ClientName":"TEST2",

            "RoleName":"Rol User",

            "UserName":"User Name",

            "accessToken":"T2l9CeZnM37TZlsE1mxF9Qez3V5XQvse"}

            ]

}

From the list of access tokens pick the one that corresponds to the specific Role and Tenant that you want to use for the subsequent API method calls.

In the situation you know from the beginning the role ID from SocrateCloud for which you want to obtain an access token the previous two steps process can be reduced to a single step as follows:

• make a HTTP GET request to method:

  • https://api.socratecloud.com/swms/rest/auth/userAuth?email=username@domain.com&password=userpass&AD_Role_ID=roleid

where roleid is the numerical ID of the role from SocrateCloud for which you want the access token

•  request result should be a valid access token for the specific role

  • eg.: y2apKHudbCLQF0RWFGU7sKNmT5zvKecg

Remarks

• The obtained access token is valid only for a limited period of time. After the token expires you will need to obtain a new access token using the same steps

• While the access token is valid it should be used for all the API method calls that are performed during the validity period. Therefore the access token once obtained it should be stored for reusing it at subsequent API method calls.