Authentication

To obtain a JWT token send a POST https://common.api.acubeapi.com/login (or POST https://common-sandbox.api.acubeapi.com/login in case you are working on the sandbox environment) specifying the HTTP header Content-Type: application/json with the following payload

Copy

Copied

{
  "email": "your@email.com",
  "password": "your password"
}

Example

Copy

Copied

curl -X POST
  https://common-sandbox.api.acubeapi.com/login
  -H 'Accept: application/json'
  -H 'Content-Type: application/json'
  -d '{"email": "your@email.com", "password": "your password"}'

If the login went fine you will receive a response with

Copy

Copied

{
  "token": "a very long encrypted token"
}

The token you receive is a JWT token that lasts 24 hours. It is good practice to request only one JWT token every 24 hours, although it is possible to request more than one.

The token is composed by 3 parts, each part is delimited by a dot (.) char. Exploding the token by . and doing a base64 decode of the second part you will obtain some useful information.

Example

Copy

Copied

{
  "iat": <issue timestamp>,
  "exp": <expire timestamp>,
  "roles": {
    "<project name>": ["ROLE_WRITER", ...]
  },
  "username": <your email>,
  "uid": <your identifier>
}

The field <project name> is the production domain of the API set you have access. I.e. peppol.api.acubeapi.com or it.api.acubeapi.comTo use the token you must set it as Bearer into the Authorization header.

Example:

Copy

Copied

curl -X GET
  https://common-sandbox.api.acubeapi.com/users/me
  -H 'Accept: application/json'
  -H 'Authorization: Bearer <here the received token>'