Authentication
Last updated
Last updated
Always use the Copy icon in the example field when copying examples. Manual copy and paste is known to cause data format errors.
Prior to any calls, a customer needs to provide **** at least one pem-encoded public key, associated with a name that will identify this key on the Connect platform (WECHAT, WHATSAPP, SMS, SMS-DIRECT or LINE). These two pieces of information will enable the customer to generate a Java Web Token (JWT) required with all calls to the Connect platform API endpoints.
For more information on this authentication mechanism and the key pair format, please refer to the RSA Authentication Workflow documentation.
For convenience, we provide below the sequence to create a RSA key pair:
For security reasons, the private key MUST NOT be shared. Symphony employees will not be asking for the private key.
Should you need to revoke the key or in case you have lost it, you can request its removal or replacement by opening a ticket with Symphony support.
The JWT must be provided by the caller as a Bearer Token in the Authorization header of each HTTP request (see https://swagger.io/docs/specification/authentication/bearer-authentication).
The Connect platform requires the JWT token to include this specific information:
Example: Java using _io.jsonwebtoken:jjwt_** library** (https://github.com/jwtk/jjwt, connect to preview)
Note: This library is a dependency of the Symphony SDK, meaning that, if you are set up to work with Symphony APIs, you do not require any additional library.
Example: API call using Curl