ABC Auth
This is a tutorial on ABC Auth authentication. It covers use cases, integration into applications, testing, and troubleshooting. It contains code snippets for making API requests to ABC Loyalty 3.0 and obtaining authentication tokens, as well as a flowchart demonstrating the authentication process.
When to use ABC Auth
- Use ABC Auth if you want a simple and secure authentication system that's easy to set up and manage.
- ABC Auth doesn't support token expiration or revocation, so it's best for cases where you don't need those features.
- If you don't have an existing infrastructure that supports JWT authentication, ABC Auth might be the better choice.
Getting Started with ABC Auth
To integrate and launch the loyalty feature on your website or application, follow these three simple steps:
- Prepare your credentials.
- Follow the authentication flow.
- Test and troubleshoot.
Prepare your credentials
- Navigate to the Developer > Mini-app menu of the ABC Loyalty 3.0 Dashboard to set your authentication method.
- Select "ABC Auth" and set your authentication URL.
- Get the client key and client secret that you will use in the following steps.
Follow the authentication flow
- Use the client ID and client secret to make a POST request to the ABC Loyalty 3.0 SaaS platform to get a JWT token.
curl --location --request POST '{abc-auth-url}/realms/partner/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={your-client-id}' \
--data-urlencode 'client_secret={your-client-secret}' \
--data-urlencode 'grant_type=client_credentials'
Example response:
{
  "access_token": "{your-access-token}",
  "expires_in": 1800,
  "refresh_expires_in": 0,
  "token_type": "Bearer",
  "not-before-policy": 0
}
- Use the access token as an authentication bearer for the request to get a one-time token (OTT).
curl --location --request POST '{abc-rest-api-url}/latitude-configs/v1/api/auth/ott' \
--header 'Authorization: Bearer {your-access-token}' \
--header 'Content-Type: application/json' \
--data-raw '{
"userId": {your-customer-identity}
}'
Example response:
{
  "accessToken": "{accessToken}",
  "redirectUrl": "https://{org-id}.ascendbit.io"
}
- Use the redirect URL and access token from the previous step to redirect to or open the loyalty application with the token. For example:
https://{mini-app-url}?token=${accessToken}
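The three steps above as one server-side flow, added here as an example and not ABC's own code: it keeps the client secret on the backend, form-encodes it, and URL-encodes the OTT before appending it to an HTTPS-only redirect. Endpoint paths and field names come from the curl commands above; the `post` parameter, `fake_post`, and all sample hosts, IDs and tokens are constructed assumptions.

```python
import json
from urllib.parse import urlencode, urlsplit, urlunsplit, parse_qsl
from urllib.request import Request, urlopen

def http_post(url, headers, body):
    """Default transport: POST bytes, return the decoded JSON response."""
    with urlopen(Request(url, data=body, headers=headers, method="POST"), timeout=10) as r:
        return json.load(r)

def get_access_token(auth_url, client_id, client_secret, post=http_post):
    # Step 1: client-credentials grant; urlencode escapes special characters in the secret.
    body = urlencode({"client_id": client_id, "client_secret": client_secret,
                      "grant_type": "client_credentials"}).encode()
    resp = post(f"{auth_url}/realms/partner/protocol/openid-connect/token",
                {"Content-Type": "application/x-www-form-urlencoded"}, body)
    if resp.get("token_type", "").lower() != "bearer" or not resp.get("access_token"):
        raise ValueError("token endpoint did not return a bearer access token")
    return resp["access_token"]

def get_ott(api_url, access_token, user_id, post=http_post):
    # Step 2: exchange the bearer token for a one-time token (OTT) for one user.
    resp = post(f"{api_url}/latitude-configs/v1/api/auth/ott",
                {"Authorization": f"Bearer {access_token}", "Content-Type": "application/json"},
                json.dumps({"userId": user_id}).encode())
    return resp["accessToken"], resp["redirectUrl"]

def build_redirect(redirect_url, ott):
    # Step 3: refuse non-HTTPS targets, then append the OTT as the "token" parameter.
    parts = urlsplit(redirect_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("redirect URL must be absolute HTTPS")
    query = parse_qsl(parts.query, keep_blank_values=True) + [("token", ott)]
    return urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(query), ""))

def fake_post(url, headers, body):
    """Constructed stand-in for the platform so the example runs offline."""
    if url.endswith("/openid-connect/token"):
        return {"access_token": "constructed.jwt.value", "expires_in": 1800, "token_type": "Bearer"}
    assert headers["Authorization"] == "Bearer constructed.jwt.value"
    return {"accessToken": "ott+/=sample", "redirectUrl": "https://example-org.ascendbit.io"}

if __name__ == "__main__":
    jwt = get_access_token("https://auth.example.invalid", "demo-id", "demo&secret", post=fake_post)
    ott, target = get_ott("https://api.example.invalid", jwt, "customer-42", post=fake_post)
    print(build_redirect(target, ott))
```

Pass the real `{abc-auth-url}` and `{abc-rest-api-url}` values and omit `post=` to use the network transport.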
Test and troubleshoot
When testing the integration or troubleshooting any issues, here are common problems that you may encounter:
Q: What should I do if I cannot obtain a JWT access token?
A: If you cannot obtain a JWT access token, please check your client ID and client secret in the Dashboard. Ensure that these credentials are correct and have been issued correctly.
Q: What should I do if I encounter a network error?
A: If you have a network error, please check your authentication URL in the Mini-app settings page.
Q: What should I do if I encounter an Unauthorized page after opening the Mini-app?
A: If you encounter an Unauthorized page after opening the Mini-app, please verify that you have sent the OTT as a token request parameter in the redirect URL using the correct format.
https://{mini-app-url}?token=${accessToken}
By following these steps, you can help ensure your integration runs smoothly and avoid common issues that may arise during testing.
Additional Resources
To access URLs for staging or production environments, please refer to the API Overview.