Authentication

To obtain a JWT token send a POST https://common.api.acubeapi.com/login (or POST https://common-sandbox.api.acubeapi.com/login in case you are working on the sandbox environment) specifying the HTTP header Content-Type: application/json with the following payload
Copy
Copied
{
    "email": "your@email.com",
    "password": "your password"
}

If the login went fine you will receive a response with

Copy
Copied
{
        "token": "a very long encrypted token"
}

The token you receive is a JWT token that lasts 24 hours. It is good practice to request only one JWT token every 24 hours, although it is possible to request more than one.

The token is composed by 3 parts, each part is delimited by a dot (.) char. Exploding the token by . and doing a base64 decode of the second part you will obtain some useful informtion.

Example

Copy
Copied
{"iat":<issue timestamp>,"exp":<expire timestamp>,"roles":{"<project name>": ["ROLE_WRITER"]},"username":<your email>,"uid":<your identifier>}
The field <project name> is the production domain of the API set you have access. I.e. peppol.api.acubeapi.com or it.api.acubeapi.com

To use the token you must set it as Bearer into the Authorization header. Example:

Copy
Copied
curl -X GET
  https://common-sandbox.api.acubeapi.com/users/me
  -H 'Accept: application/json'
  -H 'Authorization: Bearer <here the received token>'