Glue API: Manage company user authentication tokens
Edit on GitHubThis endpoint allows refreshing a company user access token or revoking a refresh token.
Installation
For detailed information on the modules that provide the API functionality and related installation instructions, see Glue API: Company account feature integration.
Refresh a company user authentication token
To refresh a company user authentication token, send the request:
POST /refresh-tokens
Request
Request sample: refresh a company user authentication token
POST https://glue.mysprykershop.com/refresh-tokens
{
"data": {
"type": "refresh-tokens",
"attributes": {
"refreshToken": "def5020000b901791eededeffbe1d2cebac97b83068b6b40953b252c87b4a2f6122f4c94f3acfdc11dfadfca7f57e61c0a2012e7d308a67ad780f8069be3b9316f5f2113c82e7765ca2d5b83209619711d30bf8e1fe95e3ffb289d37ba37ce71e9994a1121856883e1bb4a922c326d163d58e72e89fae17b1865de7b17bba1466e2109066c3acd3c3aa1d55e1f042f38d59aa2b5437e9eafd03a34cd64654fc8009761feafa25ddf2f7fabc8fcd0862802fef89298bc63a853c6c3668935c2e78429af228a063730eb68d4ad52723ec0584e6154fe37c8ac6a1ad3cdba65931ffa339272bde02b7043578fe5758d956e4fe9d0f3f5e5cf09b655d4b5684a86bf8fb5772398447666d7de7b762045ab17316c8e80ed1639d184a2fe70522b7cdcf3485b85be1671e9759432dde3ea8f5b8c3c19ca05bfc11089721e4cdd6ac377d65a122a7060d31423c321a53ec24ff8d07892efac7679ffb24f813ccd7c0f280c3ac12a8081087091e60d81f56362ff5444c710d769081fac1453c73199176082b078ea3877305f0b6c7d946a412929e9356e3e7f4c6285ab8bf0c915758206c3b59407ff2358d78799f5470741bd19d8fbd8035fed0ba6c83bee4272f4ba0c7f56ce71aaaf7b343f73285edde206c20ebf6900aae55e3419b64ad2a83bc1"
}
}
}
| ATTRIBUTE | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
| refreshToken | String | ✓ | Authentication token used to refresh accessToken. You can get it by authenticating as a company user. |
Response
Response sample: refresh a company user authentication token
{
"data": {
"type": "refresh-tokens",
"id": null,
"attributes": {
"tokenType": "Bearer",
"expiresIn": 28800,
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJmcm9udGVuZCIsImp0aSI6IjdmNzdlZGZmMDc2OTFhNDM2M2EzYjliMTFlM2U5NGM5MmM1ODQ1ZjlmYzdhYmVkOGExNTcxZTU1Njg5NTRlNDEwNDU4MzYzMjNhZGIyY2U4IiwiaWF0IjoxNjAxMzYzNDEyLCJuYmYiOjE2MDEzNjM0MTIsImV4cCI6MTYwMTM5MjIxMiwic3ViIjoie1wiaWRfY29tcGFueV91c2VyXCI6bnVsbCxcImlkX2FnZW50XCI6MSxcImN1c3RvbWVyX3JlZmVyZW5jZVwiOm51bGwsXCJpZF9jdXN0b21lclwiOm51bGwsXCJwZXJtaXNzaW9uc1wiOm51bGx9Iiwic2NvcGVzIjpbImFnZW50Il19.dZZgzg7G2jKA4NqByz8OZtF4E6QlYEvb6q546ME1RooSQoTNxuOEHCY3OCcYCa7rZB9s8hZZDa0XxCGG6n7vdz3j4cVxhge99KBePj5yEpoZ9UH7FZ177O8Q9miBmjy8OxCy9a7NVe3_6l1GojeSPBMCLK_7xjmFssCNulIIl9uchuzEHgBraB-3oX2tEoKc6XYN9EySotvm23-RrXX6VTmd-Fdw7AoFxFI2K7FNiX4TFeUgAUHMbk9KyPU9D9pb8gP-rhGalGDsCfY-bdV5IJQYOGRn_MY1t3Kclw4gtEZQWEsUM3cbb--ZGEqmpyqSZJyRk0dKNr7ZQ26Q8z3T_Q",
"refreshToken": "def50200f6acb9e125f08a4104889acfc507e41213d6de3f79b9c6ee3c54bc8d0d0333a63a261c752ed71e70a853e29a16c95c7f02e4194203dd6d1be72790618aaa5db2219173a46a9e1417b051daa8b5dd4fee7250236237267fe015ca2eb65d060b1d0ae789c971734904f7258f212155723814102abeb60004fd574c1ca157790cccbc71a156cddbf458493a55bdad7eb45c5fb4a0a328712d35a18859332074c100568d1cd1cbab915385bd353692fbf5ef4d18d570a70d13c2939427039b2cec70802365e7327a806a7121f9c5ae66816ffe912b78e41c98bc04d7341ac482422612afaffcf6bb5642a55d314df62e2472bab69e6e1fd1bb8146405b4544dc9d881df5312e38291873477ecedec4f20425fcdfdee88643d977f01130c6f8766b476475219640ce478513461e589d72ccbd704672f16cdc87906ceea15242548cedf6ec9a6486be0a5d1789fa3245199802b464ccae018f0ad61703aea97a4eb75705087249327392b8d37ec8fc7a6e1b12cafa9d0a904fd249c87b355dd2ce31f297275548851d3472525f59178ac29c69d4342b24bb7a9726dc949e1ddff283ecd64594802033fc7c2b5c248ae522317f1e9a492d37f3e3e63621dc2bc76c622e258baf71f70850cad14667f58b27dacd8de90f3672bd4449f9a8fe"
},
"links": {
"self": "https://glue.mysprykershop.com/refresh-tokens"
}
}
}
| ATTRIBUTE | TYPE | DESCRIPTION |
|---|---|---|
| tokenType | String | Authentication token type. Set this type when sending a request with the token. The default value is Bearer. |
| accessToken | String | Authentication token used to send requests to the protected resources available for the company user. |
| expiresIn | Integer | Time in seconds in which theaccessToken token expires. The default value is 28800. |
| refreshToken | String | Token used to refresh the accessToken. |
Revoke a company user refresh token
To revoke a company user refresh token, send the request:
DELETE /refresh-tokens/{{refresh_token}}
| PATH PARAMETER | DESCRIPTION |
|---|---|
| {{refresh_token}} | Defines the refresh token to revoke. Enter mine to revoke all the refresh tokens of the authenticated company user. |
Request
| HEADER KEY | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
| Authorization | string | Only required when revoking all the refresh token of a company user. | String containing digits, letters, and symbols that authorize the company user. Authenticate as a company user to get the value. |
| REQUEST | USAGE |
|---|---|
| DELETE https://glue.mysprykershop.com/refresh-tokens/mine | Revoke all the refresh tokens of the authenticated company user. |
| DELETE https://glue.mysprykershop.com/refresh-tokens/def50200f6acb9e125f08a4104889acfc507e41213d6de3f79b9c6ee3c54bc8d0d0333a63a261c752ed71e70a853e29a16c95c7f02e4194203dd6d1be72790618aaa5db2219173a46a9e1417b051daa8b5dd4fee7250236237267fe015ca2eb65d060b1d0ae789c971734904f7258f212155723814102abeb60004fd574c1ca157790cccbc71a156cddbf458493a55bdad7eb45c5fb4a0a328712d35a18859332074c100568d1cd1cbab915385bd353692fbf5ef4d18d570a70d13c2939427039b2cec70802365e7327a806a7121f9c5ae66816ffe912b78e41c98bc04d7341ac482422612afaffcf6bb5642a55d314df62e2472bab69e6e1fd1bb8146405b4544dc9d881df5312e38291873477ecedec4f20425fcdfdee88643d977f01130c6f8766b476475219640ce478513461e589d72ccbd704672f16cdc87906ceea15242548cedf6ec9a6486be0a5d1789fa3245199802b464ccae018f0ad61703aea97a4eb75705087249327392b8d37ec8fc7a6e1b12cafa9d0a904fd249c87b355dd2ce31f297275548851d3472525f59178ac29c69d4342b24bb7a9726dc949e1ddff283ecd64594802033fc7c2b5c248ae522317f1e9a492d37f3e3e63621dc2bc76c622e258baf71f70850cad14667f58b27dacd8de90f3672bd4449f9a8fe | Revoke the following refresh token: def50200f6acb9e125f08a4104889acfc507e41213d6de3f79b9c6ee3c54bc8d0d0333a63a261c752ed71e70a853e29a16c95c7f02e4194203dd6d1be72790618aaa5db2219173a46a9e1417b051daa8b5dd4fee7250236237267fe015ca2eb65d060b1d0ae789c971734904f7258f212155723814102abeb60004fd574c1ca157790cccbc71a156cddbf458493a55bdad7eb45c5fb4a0a328712d35a18859332074c100568d1cd1cbab915385bd353692fbf5ef4d18d570a70d13c2939427039b2cec70802365e7327a806a7121f9c5ae66816ffe912b78e41c98bc04d7341ac482422612afaffcf6bb5642a55d314df62e2472bab69e6e1fd1bb8146405b4544dc9d881df5312e38291873477ecedec4f20425fcdfdee88643d977f01130c6f8766b476475219640ce478513461e589d72ccbd704672f16cdc87906ceea15242548cedf6ec9a6486be0a5d1789fa3245199802b464ccae018f0ad61703aea97a4eb75705087249327392b8d37ec8fc7a6e1b12cafa9d0a904fd249c87b355dd2ce31f297275548851d3472525f59178ac29c69d4342b24bb7a9726dc949e1ddff283ecd64594802033fc7c2b5c248ae522317f1e9a492d37f3e3e63621dc2bc76c622e258baf71f70850cad14667f58b27dacd8de90f3672bd4449f9a8fe |
Response
For security purposes, the endpoint always returns the 204 No Content status code, regardless of any refresh tokens being revoked.
The tokens are marked as expired on the date and time of the request. You can configure expired tokens to be automatically deleted from the database by setting the lifetime of expired tokens.
Possible errors
| CODE | REASON |
|---|---|
| 001 | Access token is invalid. |
| 004 | Failed to refresh the token. |
| 901 | Refresh token is not specified or empty. |
To view generic errors that originate from the Glue Application, see Reference information: GlueApplication errors.
Thank you!
For submitting the form