Main docs page Auth API Ordering API Menu API Venue API Inventory API Payment API Loyalty API Wallet API
Documentation Powered by ReDoc

Auth API (1.0)

Download OpenAPI specification:Download

OrderingStack auth API

Authentication

oauth2

Standard token auth

Security Scheme Type OAuth2

oauth2-client

Internal authorization between microservices

Security Scheme Type OAuth2

module

getModule

Get single module data

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_MODULESROLE_READMODULESROLE_{venue}_MODULESROLE_{venue}_READMODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

upsertModule

Update (upsert) module data

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_MODULESROLE_{venue}_MODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1
Request Body schema: application/json

default response

id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB"
production
boolean
user
string <uuid>
venue
string [ 0 .. 128 ] characters [a-zA-Z0-9_.-]+
config
object
object

Responses

Request samples

Content type
application/json

module

{
  • "id": "kiosk-1",
  • "type": "KIOSK",
  • "production": false
}

deleteModule

Delete module.

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_MODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

getModulesList

Get paginated list of modules. This endpoint is compatible with React AdminOnRest framework to provide DataSource.

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_MODULESROLE_READMODULESROLE_{venue}_MODULESROLE_{venue}_READMODULES)
query Parameters
required
object (ModuleFilter)
header Parameters
x-tenant
string <uuid>

Responses

createModule

Create (upsert) new module

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_MODULESROLE_{venue}_MODULES)
Request Body schema: application/json

default response

id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB"
production
boolean
user
string <uuid>
venue
string [ 0 .. 128 ] characters [a-zA-Z0-9_.-]+
config
object
object

Responses

Request samples

Content type
application/json

module

{
  • "id": "kiosk-1",
  • "type": "KIOSK",
  • "production": false
}

listAllModules

Get list of all modules. This endpoint is only for internal use.

Authorizations:
oauth2-client
query Parameters
required
object (ModuleFilter)
header Parameters
x-tenant
string <uuid>

Responses

getModuleConfig

Get module config based on token

Authorizations:
oauth2-client

Responses

user

getUserList

Get paginated list of users. This endpoint is compatible with React AdminOnRest framework to provide DataSource.

Authorizations:
oauth2 (ROLE_SUROLE_USERS)
query Parameters
required
object (UserFilter)

Responses

createUser

Create new user

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
Request Body schema: application/json

default response

trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string[\p{L}\p{N}_. -]+
lastName
string[\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  • "id": "9cbe650a-1fb7-4b06-912b-cead8a013e8b",
  • "login": "testomir5@3e.pl",
  • "password": "password123",
  • "active": true,
  • "roles": [
    ],
  • "firstName": "Arnold",
  • "lastName": "Schwarzenegger"
}

upsertAuthStrategy

Upsert auth strategy

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: */*
strategy
required
string [ 1 .. 32 ] characters [a-zA-Z0-9_.-]+
id
required
string [ 1 .. 255 ] characters
password
string [ 10 .. 64 ] characters
active
boolean

Responses

byAuthStrategy

Find by auth strategy

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
query Parameters
strategy
required
string [ 1 .. 32 ] characters [a-zA-Z0-9_.-]+
Example: strategy=FB
id
required
string [ 1 .. 255 ] characters
Example: id=12345
email
required
string [ 0 .. 255 ] characters
Example: email=abc@domain.com

Responses

getUser

Get single user data

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b

Responses

upsertUser

Update user data

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: application/json

default response

trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string[\p{L}\p{N}_. -]+
lastName
string[\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  • "login": "testomir5@3e.pl",
  • "active": true,
  • "roles": [
    ],
  • "firstName": "Arnold",
  • "lastName": "Schwarzenegger"
}

deleteUser

Delete user. Be careful as this is not reversible. If user has user management role he may delete every single user.

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b

Responses

createUserSync

Create new user (synchronous)

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
Request Body schema: application/json

default response

trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string[\p{L}\p{N}_. -]+
lastName
string[\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  • "id": "9cbe650a-1fb7-4b06-912b-cead8a013e8b",
  • "login": "testomir5@3e.pl",
  • "password": "password123",
  • "active": true,
  • "roles": [
    ],
  • "firstName": "Arnold",
  • "lastName": "Schwarzenegger"
}

upsertUserSync

Update user data (synchronous)

Authorizations:
oauth2-clientoauth2 (ROLE_SUROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: application/json

default response

trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string[\p{L}\p{N}_. -]+
lastName
string[\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  • "login": "testomir5@3e.pl",
  • "active": true,
  • "password": "password123",
  • "roles": [
    ],
  • "firstName": "Arnold",
  • "lastName": "Schwarzenegger"
}

getCatalogUser

Get user information. Internal endpoint only available to other services.

Authorizations:
oauth2-client
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
required
string <uuid>

Responses

getSelf

Get user information about himself.

Authorizations:
oauth2

Responses

updateSelf

Set own data.

Authorizations:
oauth2
Request Body schema: */*
firstName
string[\p{L}\p{N}_. -]+
lastName
string[\p{L}\p{N}_. -]+
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
object

Responses

deleteSelf

Delete own account.

Authorizations:
oauth2
Request Body schema: */*
login
required
string

Responses

updateConsents

Set own consents.

Authorizations:
oauth2
Request Body schema: */*
set
Array of strings [ 0 .. 16 ] items
unset
Array of strings [ 0 .. 16 ] items

Responses

totpSecret

Generate TOTP secret.

Authorizations:
oauth2

Responses

totpConfigure

Set totp config

Authorizations:
oauth2
Request Body schema: */*
secret
required
string [ 10 .. 20 ] characters [a-zA-Z0-9]+
code
required
string 6 characters [0-9]+

Responses

totpRemove

Remove totp config

Authorizations:
oauth2

Responses

tenant

getPublicTenantConfig

Get tenant public config for front apps

Authorizations:
oauth2
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

updatePublicConfig

Update tenant public properties

Authorizations:
oauth2 (ROLE_SU)
Request Body schema: application/json

default response

Schema not provided

Responses

Request samples

Content type
application/json

config

{
  • "config1": "value",
  • "config2": "true"
}

getCatalogTenant

Get tenant information. Internal endpoint only available to other services.

Authorizations:
oauth2-client
path Parameters
id
required
string <uuid>
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

catalog

getPublicTenantConfig

Get tenant public config for front apps

Authorizations:
oauth2
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

getCatalogTenant

Get tenant information. Internal endpoint only available to other services.

Authorizations:
oauth2-client
path Parameters
id
required
string <uuid>
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

getCatalogUser

Get user information. Internal endpoint only available to other services.

Authorizations:
oauth2-client
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
required
string <uuid>

Responses

getSelf

Get user information about himself.

Authorizations:
oauth2

Responses

totp

totpSecret

Generate TOTP secret.

Authorizations:
oauth2

Responses

totpConfigure

Set totp config

Authorizations:
oauth2
Request Body schema: */*
secret
required
string [ 10 .. 20 ] characters [a-zA-Z0-9]+
code
required
string 6 characters [0-9]+

Responses

totpRemove

Remove totp config

Authorizations:
oauth2

Responses