1. User Authentication
Access Token
To call an API method from the WMS API Extension you need to be authenticated within application and obtain an access token. The following steps must be performed to obtain an access token:
1. First step is to get an authentication token using your SocrateCloud email and password
make a HTTP GET request to method:
https://api.socratecloud.com/swms/rest/auth/userAuth?email=username@domain.com&password=userpass
request result should be a valid authentication token
eg.: y2apKHudbCLQF0RWFGU7sKNmT5zvKecg
2. Get access token, using authentication token received at step 1
make a HTTP GET request to method:
https://api.socratecloud.com/swms/rest/auth/userRoles?authToken=y2apKHudbCLQF0RWFGU7sKNmT5zvKecg
request result is a JSON object that contains a list of valid access tokens for each Tenant/Role that user belongs, as shown below
{"data":[{"AD_Client_ID":2140900001,
"AD_Role_ID":1000002,
"AD_User_ID":1000054,
"ClientName":"TEST1",
"RoleName":"Rol Admin",
"UserName":"User Name",
"accessToken":"b0C3Kf4SdM7ZQEwfW1rw4eRQ81HexwCj"},
{"AD_Client_ID":1000001,
"AD_Role_ID":1000058,
"AD_User_ID":1000873,
"ClientName":"TEST2",
"RoleName":"Rol User",
"UserName":"User Name",
"accessToken":"T2l9CeZnM37TZlsE1mxF9Qez3V5XQvse"}
]
}
From the list of access tokens pick the one that corresponds to the specific Role and Tenant that you want to use for the subsequent API method calls.
In the situation you know from the beginning the role ID from SocrateCloud for which you want to obtain an access token the previous two steps process can be reduced to a single step as follows:
make a HTTP GET request to method:
https://api.socratecloud.com/swms/rest/auth/userAuth?email=username@domain.com&password=userpass&AD_Role_ID=roleid
where roleid is the numerical ID of the role from SocrateCloud for which you want the access token
request result should be a valid access token for the specific role
eg.: y2apKHudbCLQF0RWFGU7sKNmT5zvKecg
Remarks
The obtained access token is valid only for a limited period of time. After the token expires you will need to obtain a new access token using the same steps
While the access token is valid it should be used for all the API method calls that are performed during the validity period. Therefore the access token once obtained it should be stored for reusing it at subsequent API method calls.