How does a native application authenticate with a DistributionGate?

You have the connection data for a DistributionGate. Your user can now use their credentials to log in with the DistributionGate to find products and prices. Learn how the authentication works with a native software.

 

You got information about the connected DistributionGates, your user can now select a distributor from the list and authenticate. These are the steps you need to implement:

  1. Your software asks for the user's credentials.
  2. Your software uses the connection data for the authentication provider returned by the connectedDistributionGates query and the user's credentials to authenticate. A token is returned.

Native App authentication

Login credentials for distributor

To be allowed to communicate with the DistributionGate your user needs an account with the distributor. For the implementation we provide you with an account.

  • From the connectedDistrubionGate query you got the URL, Client ID and Client Secret for our authentication provider.
    • URL: The URL could look like this: https://exampledistributor.eu.auth0.com/oauth/token .
    • Client ID and Client Secret are alphanumerical codes.
  • Your user enters user name and password or you use our test user.

This is how the request looks like; add the required information:

curl --request POST \
--url <Base URL of Auth0 endpoint for token request for this DistributionGate>/oauth/token>, \
--header 'content-type: application/x-www-form-urlencoded' \
--data grant_type=password \
--data client_id=<client_id distributor>\
--data client_secret=<client_secret for distributor> \
--data 'username=<user name>' \
--data 'password=<password>' \
--data 'scope=read:order read:products read:shoppingCart write:order write:shoppingCart openid' \
--data audience=http://mdg.promaterial.com/api

Response:

{
"access_token": "<JWT token>",
"scope": "read:order read:products read:shoppingCart write:order write:shoppingCart openid",
"expires_in": 86400,
"token_type": "Bearer"
}

Send the token with each request to the DistributionGate: