# 2.1 Login users
In order to login your users to the Shiji Products, A refresh token needs to be created at the backend.
All Shiji client SDK's require a publishable key and a refresh token at the initialization.
The refresh token represents the unique user, and should be created with uniqe identifier.
POST /users/api/v1/refresh_token
Form params
| name | Description | Format | |
|---|---|---|---|
| externalID | A uniqe identifier on your system for this user such as: id, member id, email, phone | String | Optional |
| ttl | TTL in seconds for expiration | NumericMin: 60 |
⚠️ We do not recommend to use Personally identifiable information (PII) as a unique identifier.
# Request example:
curl --request POST \
--url https://the-sandbox.mycheckapp.com/users/api/v1/refresh_token \
--header 'secretKey: <SECRET KEY>' \
--data 'externalID=user@website.com'
# Response
{
"Status": "OK",
"refreshToken": "9rkd83kxmv92kx9sw...",
}
# 2.1.1 Creating a guest
In case of a guest, the externalID param is not required
# Request example:
curl --request POST \
--url https://the-sandbox.mycheckapp.com/users/api/v1/refresh_token \
--header 'secretKey: <SECRET KEY>' \
# Response
{
"Status": "OK",
"refreshToken": "9rkd83kxmv92kxcba...",
}
# 2.1.2 Creating a user with metadata
You can add metadata for the user to access it later, It might be required on some of the implementations
POST /users/api/v1/refresh_token
Form params
| name | Description | Format | |
|---|---|---|---|
| externalID | A uniqe identifier on your system for this user such as: id, member id, email, phone | String | Optional |
| custom | The metadata for this user | Json string | Optional |
# Request example:
curl --request POST \
--url https://the-sandbox.mycheckapp.com/users/api/v1/refresh_token \
--header 'secretKey: <SECRET KEY>' \
--data 'externalID=user@website.com&custom={"fullname":"John snow","phone":"1800123123"}'
# Response
{
"Status": "OK",
"refreshToken": "9rkd83kxmv92kx9sw...",
}
# 2.1.3 Receive users access token to make requests as a user
If you need to make request behalf of the user, you will need his access token that usually Shiji's client SDK generates using the refresh token and the publishable key.
POST /users/api/v1/user/login
Form params
| name | Description | Format | |
|---|---|---|---|
| externalID | A uniqe identifier on your system for this user such as: id, member id, email, phone | String | Required |
| withMetadata | If you need users metadata to be included in the access token, this value should be 1 | Integer boolean | Optional |
| custom | The metadata for this user | Json string | Optional |
# Request example with metadata:
curl -X POST \
https://the-sandbox.mycheckapp.com/users/api/v1/user/login \
-H 'secretKey: <SECRET KEY>' \
-d 'withMetadata=1&externalID=175170775D&custom={"name":"Jhon Snow","email":"jhon@gmail.com", "location": "the true north"}'
# Response example:
{
"id": 98545,
"accessToken": "eyJ0eXAiOiJKV1Qi.......P0ft2Ty5IJqvE",
"userInfo": {
"isGuest": false
},
"status": "OK"
}
# 2.1.4 Updating users metadata
If the user exists, and you have its access token, you can make a request to update his metadata
POST /api/v1/user/metadata
Headers
| name | Description | Format | |
|---|---|---|---|
| Authorization | Users access token | String | Required |
Form params
| name | Description | Format | |
|---|---|---|---|
| metadata | The metadata for this user | Json string | Optional |
# Request example:
curl -X POST \
https://the-sandbox.mycheckapp.com/users/api/v1/user/login \
-H 'Authorization: <ACCESS TOKEN>' \
-d 'metadata={"name":"Jhon Snow","email":"jhon@gmail.com", "location": "the true north"}'
# Response example:
{
"status": "OK"
}