
Auth API (1.0)

OrderingStack auth API

Authentication

oauth2

Standard token auth

Security Scheme Type OAuth2

oauth2-client

Internal authorization between microservices

Security Scheme Type OAuth2

user

getUser

Get single user data

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b

Responses

upsertUser

Update user data

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: application/json
trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string [\p{L}\p{N}_. -]+
lastName
string [\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  "login": "testomir5@3e.pl",
  "active": true,
  "roles": [ ],
  "firstName": "Arnold",
  "lastName": "Schwarzenegger"
}

deleteUser

Delete a user. Be careful: this is not reversible. A user with the user management role may delete any user. Deletion triggers the respective actions in dependent modules, such as loyalty and wallet.

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b

Responses

upsertUserSync

Update user data (synchronous)

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: application/json
trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string [\p{L}\p{N}_. -]+
lastName
string [\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  "login": "testomir5@3e.pl",
  "password": "password123",
  "active": true,
  "roles": [ ],
  "firstName": "Arnold",
  "lastName": "Schwarzenegger"
}

getUserList

Get paginated list of users. This endpoint is compatible with React AdminOnRest framework to provide DataSource.

Authorizations:
oauth2 (ROLE_SU, ROLE_USERS)
query Parameters
required
object (UserFilter)

Responses

createUser

Create new user

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
Request Body schema: application/json
trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string [\p{L}\p{N}_. -]+
lastName
string [\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  "id": "9cbe650a-1fb7-4b06-912b-cead8a013e8b",
  "login": "testomir5@3e.pl",
  "password": "password123",
  "active": true,
  "roles": [ ],
  "firstName": "Arnold",
  "lastName": "Schwarzenegger"
}
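
An added example, not part of the OrderingStack documentation: a client-side check of a createUser body against the string constraints listed in the schema above. JSON Schema `pattern` is not implicitly anchored, so the check wraps each pattern in `^(?:...)$`; whether the server matches the full string is not stated on this page, and `RULES` and `validateUser` are hypothetical names.

```javascript
// Added example: field rules copied from the createUser schema on this page.
// RULES and validateUser are hypothetical names, not part of the Auth API.
const RULES = {
  login:     { required: true },
  password:  { min: 8, max: 64 },
  firstName: { pattern: '[\\p{L}\\p{N}_. -]+' },
  lastName:  { pattern: '[\\p{L}\\p{N}_. -]+' },
  phone:     { min: 3, max: 32, pattern: '[a-zA-Z0-9. ()-]+' },
  pushId:    { min: 3, max: 256 },
};

// Returns a list of violations; an empty list means the body passes.
// anchored=false reproduces plain JSON Schema substring matching for comparison.
function validateUser(body, { anchored = true } = {}) {
  const errors = [];
  for (const [field, rule] of Object.entries(RULES)) {
    const value = body[field];
    if (value === undefined) {
      if (rule.required) errors.push(`${field}: required`);
      continue;
    }
    if (typeof value !== 'string') {
      errors.push(`${field}: must be a string`);
      continue;
    }
    // Count code points rather than UTF-16 units, as JSON Schema lengths do.
    const length = [...value].length;
    if (rule.min !== undefined && length < rule.min) errors.push(`${field}: shorter than ${rule.min}`);
    if (rule.max !== undefined && length > rule.max) errors.push(`${field}: longer than ${rule.max}`);
    if (rule.pattern) {
      const source = anchored ? `^(?:${rule.pattern})$` : rule.pattern;
      // The 'u' flag is required for \p{L} and \p{N}.
      if (!new RegExp(source, 'u').test(value)) errors.push(`${field}: pattern mismatch`);
    }
  }
  return errors;
}

// Constructed sample bodies (not taken from a real tenant).
const good = { login: 'testomir5@3e.pl', password: 'password123', firstName: 'Arnold', lastName: 'Schwarzenegger' };
const bad = { login: 'x@example.com', password: 'short', firstName: 'Arnold<b>', phone: '+48 123' };

console.log(validateUser(good));
console.log(validateUser(bad));
console.log(validateUser(bad, { anchored: false }));
```

With `anchored: false` the markup in `firstName` and the `+` in `phone` pass, because a substring of each value satisfies the pattern.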

upsertAuthStrategy

Upsert auth strategy

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
path Parameters
id
required
string <uuid>
Example: 9cbe650a-1fb7-4b06-912b-cead8a013e8b
Request Body schema: application/json
strategy
required
string [ 1 .. 32 ] characters [a-zA-Z0-9_.-]+
id
required
string [ 1 .. 255 ] characters
password
string [ 10 .. 64 ] characters
active
boolean

Responses

Request samples

Content type
application/json
{
  "strategy": "string",
  "id": "string",
  "password": "stringstri",
  "active": true
}

createUserSync

Create new user (synchronous)

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
Request Body schema: application/json
trusted
boolean
Array of objects (UserRole) [ 0 .. 64 ] items
login
required
string
password
string [ 8 .. 64 ] characters
firstName
string [\p{L}\p{N}_. -]+
lastName
string [\p{L}\p{N}_. -]+
active
boolean
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
Array of objects (AuthStrategyDto) [ 0 .. 16 ] items
consents
Array of strings [ 0 .. 16 ] items
object

Responses

Request samples

Content type
application/json

user

{
  "id": "9cbe650a-1fb7-4b06-912b-cead8a013e8b",
  "login": "testomir5@3e.pl",
  "password": "password123",
  "active": true,
  "roles": [ ],
  "firstName": "Arnold",
  "lastName": "Schwarzenegger"
}

totpConfigure

Set totp config

Authorizations:
Request Body schema: application/json
secret
required
string [ 10 .. 20 ] characters [a-zA-Z0-9]+
code
required
string 6 characters [0-9]+

Responses

Request samples

Content type
application/json
{
  "secret": "stringstri",
  "code": "string"
}

totpRemove

Remove totp config

Authorizations:

Responses

getSelf

Get the current user's own information.

Authorizations:

Responses

updateSelf

Set own data.

Authorizations:
Request Body schema: application/json
firstName
string [\p{L}\p{N}_. -]+
lastName
string [\p{L}\p{N}_. -]+
phone
string [ 3 .. 32 ] characters [a-zA-Z0-9. ()-]+
pushId
string [ 3 .. 256 ] characters
object

Responses

Request samples

Content type
application/json
{
  "firstName": "string",
  "lastName": "string",
  "phone": "string",
  "pushId": "string",
  "properties": { }
}

deleteSelf

Delete own account.

Authorizations:
Request Body schema: application/json
login
required
string

Responses

Request samples

Content type
application/json
{
  "login": "string"
}

updateConsents

Set own consents.

Authorizations:
Request Body schema: application/json
set
Array of strings [ 0 .. 16 ] items
unset
Array of strings [ 0 .. 16 ] items

Responses

Request samples

Content type
application/json
{
  "set": [ ],
  "unset": [ ]
}

byAuthStrategy

Find by auth strategy

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
query Parameters
strategy
required
string [ 1 .. 32 ] characters [a-zA-Z0-9_.-]+
Example: strategy=FB
id
required
string [ 1 .. 255 ] characters
Example: id=12345
email
required
string [ 0 .. 255 ] characters
Example: email=abc@domain.com

Responses

getUserContact

Get user contact information.

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS, ROLE_USERCONTACT)
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
string <uuid>

Responses

totpSecret

Generate TOTP secret.

Authorizations:

Responses

getCatalogUser

Get user information. Internal endpoint only available to other services.

Authorizations:
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
required
string <uuid>

Responses

tenant

upsertTenantProperty

Upsert specific property

Authorizations:
oauth2 (ROLE_SU)
path Parameters
property
required
string [a-zA-Z0-9_.-]+
Request Body schema: application/json
property
string [a-zA-Z0-9_.-]+
value
required
string
isPrivate
boolean
isObfuscate
boolean

Responses

Request samples

Content type
application/json
{
  "property": "string",
  "value": "string",
  "isPrivate": true,
  "isObfuscate": true
}

deleteTenantProperty

Delete specific property

Authorizations:
oauth2 (ROLE_SU)
path Parameters
property
required
string [a-zA-Z0-9_.-]+
query Parameters
isPrivate
required
boolean

Responses

getPublicTenantConfig

Get tenant public config for front apps

Authorizations:
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

updatePublicConfig

Update tenant public properties

Authorizations:
oauth2 (ROLE_SU)
Request Body schema: application/json
property name*
string

Responses

Request samples

Content type
application/json

config

{
  "config1": "value",
  "config2": "true"
}

getTenantProperties

Get paginated list of tenant properties. This endpoint is compatible with React AdminOnRest framework to provide DataSource.

Authorizations:
oauth2 (ROLE_SU)
query Parameters
required
object (PropertiesFilter)

Responses

upsertTenantProperty_1

Upsert property

Authorizations:
oauth2 (ROLE_SU)
Request Body schema: application/json
property
string [a-zA-Z0-9_.-]+
value
required
string
isPrivate
boolean
isObfuscate
boolean

Responses

Request samples

Content type
application/json
{
  "property": "string",
  "value": "string",
  "isPrivate": true,
  "isObfuscate": true
}

getTenantPropertiesSchema

Get properties schema definition.

Authorizations:
oauth2 (ROLE_SU)

Responses

getCatalogTenant

Get tenant information. Internal endpoint only available to other services.

Authorizations:
path Parameters
id
required
string <uuid>
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

module

getModule

Get single module data

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_READMODULES, ROLE_{venue}_MODULES, ROLE_{venue}_READMODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

upsertModule

Update (upsert) module data

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_{venue}_MODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1
Request Body schema: application/json
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB" "DELIVERY_PANEL" "UNKNOWN"
production
boolean
user
string <uuid>
venue
string [ 0 .. 128 ] characters [a-zA-Z0-9_.-]+
config
object
object

Responses

Request samples

Content type
application/json

module

{
  "id": "kiosk-1",
  "type": "KIOSK",
  "production": false
}

deleteModule

Delete module.

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

getModulesList

Get paginated list of modules. This endpoint is compatible with React AdminOnRest framework to provide DataSource.

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_READMODULES, ROLE_MANAGER, ROLE_{venue}_MODULES, ROLE_{venue}_READMODULES, ROLE_{venue}_MANAGER)
query Parameters
required
object (ModuleFilter)
header Parameters
x-tenant
string <uuid>

Responses

createModule

Create (upsert) new module

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_{venue}_MODULES)
Request Body schema: application/json
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB" "DELIVERY_PANEL" "UNKNOWN"
production
boolean
user
string <uuid>
venue
string [ 0 .. 128 ] characters [a-zA-Z0-9_.-]+
config
object
object

Responses

Request samples

Content type
application/json

module

{
  "id": "kiosk-1",
  "type": "KIOSK",
  "production": false
}

getModuleCommonConfig_1

Get common module config

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_READMODULES, ROLE_{venue}_MODULES, ROLE_{venue}_READMODULES)
path Parameters
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB" "DELIVERY_PANEL" "UNKNOWN"
Example: KDS

Responses

setModuleCommonConfig

Set common module config

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES)
path Parameters
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB" "DELIVERY_PANEL" "UNKNOWN"
Example: KDS
Request Body schema: application/json
property name*
string

Responses

Request samples

Content type
application/json
{
  "property1": "string",
  "property2": "string"
}

logoutModule

Logout module (remove current token)

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

getModuleConfig

Get module config based on the token. The token must contain the 'module' identifier, so it must be obtained through the device code flow.

Authorizations:

Responses

getVenueModuleConfig

Get module config for specific venue and module type.

Authorizations:
path Parameters
venue
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: venue-1
query Parameters
type
required
string
Enum: "KIOSK" "POS_INTEGRATOR" "AGGREGATOR" "BI_CONNECTOR" "KDS" "STATUS_SCREEN" "LOYALTY" "LOYALTY_INTEGRATOR" "MOBILE_APP_LOYALTY" "ORDERING_WEB" "DELIVERY_PANEL" "UNKNOWN"
Example: type=AGGREGATOR
filterConfigName
string config\.[a-zA-Z0-9]+
Example: filterConfigName=config.storeId
filterConfigValue
string [a-zA-Z0-9._-]+
Example: filterConfigValue=abcXYZ-123

Responses

getModuleCommonConfig

Get module common config based on the token. The token must contain the 'module' identifier, so it must be obtained through the device code flow.

Authorizations:

Responses

findModuleConfig

Find modules with configs for specific criteria

Authorizations:
query Parameters
required
object (ModuleFilter)

Responses

listAllModules

Get list of all modules. This endpoint is only for internal use.

Authorizations:
query Parameters
required
object (ModuleFilter)
header Parameters
x-tenant
string <uuid>

Responses

getModule_1

Get single module data

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_MODULES, ROLE_READMODULES, ROLE_{venue}_MODULES, ROLE_{venue}_READMODULES)
path Parameters
id
required
string [ 2 .. 64 ] characters [a-zA-Z0-9_-]+
Example: kiosk-1

Responses

catalog

getPublicTenantConfig

Get tenant public config for front apps

Authorizations:
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

getSelf

Get the current user's own information.

Authorizations:

Responses

getUserContact

Get user contact information.

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS, ROLE_USERCONTACT)
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
string <uuid>

Responses

getCatalogUser

Get user information. Internal endpoint only available to other services.

Authorizations:
path Parameters
id
required
string <uuid>
header Parameters
x-tenant
required
string <uuid>

Responses

getCatalogTenant

Get tenant information. Internal endpoint only available to other services.

Authorizations:
path Parameters
id
required
string <uuid>
query Parameters
filter
string [ 0 .. 128 ] characters [\p{L}\p{N}_.-]+

Responses

totp

totpConfigure

Set totp config

Authorizations:
Request Body schema: application/json
secret
required
string [ 10 .. 20 ] characters [a-zA-Z0-9]+
code
required
string 6 characters [0-9]+

Responses

Request samples

Content type
application/json
{
  "secret": "stringstri",
  "code": "string"
}

totpRemove

Remove totp config

Authorizations:

Responses

totpSecret

Generate TOTP secret.

Authorizations:

Responses

roles

revokeRolesGlobally

Revoke roles globally (from all users that have the role in a venue or global context). The SU role cannot be revoked this way. When called by a regular user, the call does not revoke roles from the caller (for security).

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
Request Body schema: application/json
Array ()
string

Responses

Request samples

Content type
application/json
[
  "string"
]

grantRoleByLogins

Grant role by login/email (list).

Authorizations:
oauth2-client, oauth2 (ROLE_SU, ROLE_USERS)
Request Body schema: application/json
venue
string [ 1 .. 128 ] characters [a-zA-Z0-9_.-]+
role
required
string [ 1 .. 128 ] characters [a-zA-Z0-9_]+
logins
required
Array of strings [ 1 .. 100 ] items

Responses

Request samples

Content type
application/json
{
  "venue": "string",
  "role": "string",
  "logins": [ ]
}