
ABC Auth

This is a tutorial on ABC Auth authentication. It covers use cases, integration into applications, testing, and troubleshooting. It contains code snippets for making API requests to ABC Loyalty 3.0 and obtaining authentication tokens, as well as a flowchart demonstrating the authentication process.

When to use ABC Auth

  • Use ABC Auth if you want a simple and secure authentication system that's easy to set up and manage.
  • ABC Auth doesn't support token expiration or revocation, so it's best for cases where you don't need those features.
  • If you don't have an existing infrastructure that supports JWT authentication, ABC Auth might be the better choice.

Getting Started with ABC Auth

To integrate and launch the loyalty feature on your website or application, follow these three simple steps:

  • Prepare your credentials.
  • Follow the authentication flow.
  • Test and troubleshoot.

Prepare your credentials

  1. Navigate to the Developer > Mini-app menu of the ABC Loyalty 3.0 Dashboard to set your authentication method.

  2. Select "ABC Auth" and set your authentication URL.

  3. Get the client key and client secret that you will use in the following steps.

Follow the authentication flow

  1. Use the client ID and client secret to make a POST request to the ABC Loyalty 3.0 SaaS platform to get a JWT token.
Request: Get token
curl --location --request POST '{abc-auth-url}/realms/partner/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={your-client-id}' \
--data-urlencode 'client_secret={your-client-secret}' \
--data-urlencode 'grant_type=client_credentials'
Response: Get token
{
    "access_token": "{your-access-token}",
    "expires_in": 1800,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "not-before-policy": 0
}
  2. Use the access token as an authentication bearer for the request to get a one-time token (OTT).
Request: Get the Mini-app URL
curl --location --request POST '{abc-rest-api-url}/latitude-configs/v1/api/auth/ott' \
--header 'Authorization: Bearer {your-access-token}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "userId": {your-customer-identity}
}'
Response: Get the Mini-app URL
{
    "accessToken": "{accessToken}",
    "redirectUrl": "https://{org-id}.ascendbit.io"
}
 
  3. Use the redirect URL and access token from the previous step to redirect or open the loyalty application with the token. Here is an example:
Redirect the user
https://{mini-app-url}?token=${accessToken}
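
The three steps above chained together on a backend, as an added example that is not part of the original tutorial or ABC's own code. The function names and the injectable `post` transport are hypothetical; the endpoint paths and field names are the ones shown in the requests above. The client secret stays on the server, the redirect target must be HTTPS, and the OTT is percent-encoded before it goes into the query string.

```python
# Added example: hypothetical helper names, endpoints taken from the tutorial.
import json
import urllib.parse
import urllib.request


def http_post(url, headers, body):
    """Default transport: POST bytes and return the parsed JSON response."""
    req = urllib.request.Request(url, data=body, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.loads(resp.read())


def get_access_token(auth_url, client_id, client_secret, post=http_post):
    # Step 1: client-credentials grant, sent form-encoded from the backend only.
    body = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "client_credentials",
    }).encode()
    url = f"{auth_url}/realms/partner/protocol/openid-connect/token"
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return post(url, headers, body)["access_token"]


def get_ott(api_url, access_token, user_id, post=http_post):
    # Step 2: exchange the bearer token for a one-time token for the given userId.
    headers = {"Authorization": f"Bearer {access_token}",
               "Content-Type": "application/json"}
    data = post(f"{api_url}/latitude-configs/v1/api/auth/ott", headers,
                json.dumps({"userId": user_id}).encode())
    return data["accessToken"], data["redirectUrl"]


def build_redirect(redirect_url, ott):
    # Step 3: refuse non-HTTPS targets and percent-encode the OTT.
    parts = urllib.parse.urlsplit(redirect_url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("redirectUrl must be an absolute https URL")
    pairs = urllib.parse.parse_qsl(parts.query) + [("token", ott)]
    query = urllib.parse.urlencode(pairs)
    return urllib.parse.urlunsplit((parts.scheme, parts.netloc, parts.path, query, ""))


def mini_app_url(auth_url, api_url, client_id, client_secret, user_id, post=http_post):
    access_token = get_access_token(auth_url, client_id, client_secret, post)
    ott, redirect_url = get_ott(api_url, access_token, user_id, post)
    return build_redirect(redirect_url, ott)
```

Call `mini_app_url(...)` from the server route that opens the Mini-app and send the returned URL to the browser as the redirect location.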

Test and troubleshoot

When testing the integration or troubleshooting any issues, here are three common problems that you may encounter:

Q: What should I do if I cannot obtain a JWT access token?

A: If you cannot obtain a JWT access token, please check your client ID and client secret in the Dashboard. Ensure that these credentials are correct and have been issued correctly.

Q: What should I do if I encounter a network error?

A: If you have a network error, please check your authentication URL in the Mini-app settings page.

Q: What should I do if I encounter an Unauthorized page after opening the Mini-app?

A: If you encounter an Unauthorized page after opening the Mini-app, please verify that you have sent the OTT as a token request parameter in the redirect URL using the correct format.

Mini-app URL
https://{mini-app-url}?token=${accessToken}

By following these steps, you can help ensure your integration runs smoothly and avoid common issues that may arise during testing.

Additional Resources

To access URLs for staging or production environments, please refer to the API Overview.