Web User Auth API

The Web User Auth API allows a Web User to carry out user authentication and authorization functions in the Web Portal.

Endpoints


Login

This endpoint authenticates the user. It returns the access token in the response body and the refresh token in the header.

Request (EmailLoginDTO)

POST /web/auth/login
{
  "email": "test@aritaone.com",
  "password": "PasghWgf"
}

Response (AuthLoginResDTO)

{
  "success": true,
  "message": "",
  "data": [
    {
      "accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyZGUwYjg3Ni1jNmM2LTExZWQtYTQ5Yy0wMjQyYWMxMjAwMDIiLCJleHAiOjE2NzkyODc3Mjd9.9c6BUnxi0Rruag2OCJKiHWquRf830Ma9yeI-atSH-TQ"
    }
  ]
}

Refresh

This endpoint refreshes the Web User's access token. A Bearer token is not needed, but the "Cookie:refreshToken" must be included.

Request

GET /web/auth/refresh

Response (AuthLoginResDTO)

{
  "success": true,
  "message": "",
  "data": [
    {
      "accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyZGUwYjg3Ni1jNmM2LTExZWQtYTQ5Yy0wMjQyYWMxMjAwMDIiLCJleHAiOjE2NzkyODc3Mjd9.9c6BUnxi0Rruag2OCJKiHWquRf830Ma9yeI-atSH-TQ"
    }
  ]
}

Logout

This endpoint logs out a user.

Request

DELETE /web/auth/logout

Response

{
  "success": true,
  "message": "",
  "data": null
}

Send OTP

This endpoint triggers a four-digit one-time-password (OTP) verification for email or phone.

Request (OtpReqDTO)

POST /web/auth/otp
{
  "nature": 6,
  "loginID": "test@aritaone.com"
}

Response (OtpResDTO)

{
  "success": true,
  "message": "",
  "data": {
    "otpToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcnkiOiIyMDI0LTA0LTIzVDA5OjA0OjQ1WiIsImxvZ2luSUQiOiJ0ZXN0QGFyaXRhb25lLmNvbSIsIm5hdHVyZSI6MX0.iTIbn6BUqsAAxLVrTSHYxkLV39ajcp8H-PL_KYb_3OI"
  }
}

Login verify OTP

This endpoint verifies the one-time password during login.

Request (OtpVerificationReqDTO)

POST /web/auth/login/verify
{
  "otp": 37695,
  "otpToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcnkiOiIyMDI0LTA0LTIzVDA5OjA0OjQ1WiIsImxvZ2luSUQiOiJ0ZXN0QGFyaXRhb25lLmNvbSIsIm5hdHVyZSI6MX0.iTIbn6BUqsAAxLVrTSHYxkLV39ajcp8H-PL_KYb_3OI"
}

Response

{
  "success": true,
  "message": "",
  "data": {
    "accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyZGUwYjg3Ni1jNmM2LTExZWQtYTQ5Yy0wMjQyYWMxMjAwMDIiLCJleHAiOjE2NzkyODc3Mjd9.9c6BUnxi0Rruag2OCJKiHWquRf830Ma9yeI-atSH-TQ"
  }
}

Forgot password verify OTP

This endpoint verifies the one-time password before a new password is set.

Request (OtpVerificationReqDTO)

POST /web/auth/forgot-password/verify
{
  "otp": 37695,
  "otpToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHBpcnkiOiIyMDI0LTA0LTIzVDA5OjA0OjQ1WiIsImxvZ2luSUQiOiJ0ZXN0QGFyaXRhb25lLmNvbSIsIm5hdHVyZSI6MX0.iTIbn6BUqsAAxLVrTSHYxkLV39ajcp8H-PL_KYb_3OI"
}

Response

{
  "success": true,
  "message": "",
  "data": {
    "accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyZGUwYjg3Ni1jNmM2LTExZWQtYTQ5Yy0wMjQyYWMxMjAwMDIiLCJleHAiOjE2NzkyODc3Mjd9.9c6BUnxi0Rruag2OCJKiHWquRf830Ma9yeI-atSH-TQ"
  }
}

Forgot reset password

Request (UserSetPasswordReqDTO)

PUT /web/auth/password
{
  "password": "gdfhdjo33"
}

Response

{
  "success": true,
  "message": "",
  "data": null
}


Resources

EmailLoginDTO

properties
  • email
    string
    required
    email
    The login identification. This field can only be login email.
  • password
    string
    required
    The password must be 6-40 characters long, made up of uppercase and lowercase alphanumeric characters or the following special characters: @$!%?:&-_+=

AuthLoginReqDTO

properties
  • email
    string
    required
    The login identification. This field can only be login email.
  • password
    string
    required
    The login password

AuthLoginResDTO

properties
  • accessToken
    string
    required
    The access token generated for access to the JCCI resources.

OtpReqDTO

properties
  • nature
    OtpNature
    The nature of OTP.
  • loginID
    string
    required
    The login identification. This field can be a login email or a login phone. Login username is not supported in this method.

OtpResDTO

properties
  • otpToken
    string
    required
    Token is generated with expiry time, loginID and nature of OTP.
    The token generated for verification.

SetUserPasswordReqDTO

properties
  • oldPassword
    string
    required
    The old login password
  • password
    string
    required
    The new login password

ForgotPasswordReqDTO

properties
  • email
    string
    required
    The login email

ForgotPasswordResDTO

properties
  • otpToken
    string
    required
    Token is generated with expiry time, loginID and nature of OTP.
    The token generated for verification.

OtpVerificationReqDTO

properties
  • otp
    integer
    required
    The four-digit verification code.
  • otpToken
    string
    required
    Token is generated with expiry time, loginID and nature of OTP.
    The token generated for verification.

UserLoginResDTO

properties
  • accessToken
    string
    required
    The access token generated for access to the JCCI resources.

UserSetPasswordReqDTO

properties
  • password
    string
    required
    at least 8 chars
    at most 40 chars
    only letters, numbers and special characters are allowed
    at least one letter
    at least one number
    The login password. If the password is not provided, it will be generated randomly by the system.


OtpNature

| Name | Value | Description |
|---|---|---|
| RESET_PASSWORD | 3 | The users need to verify their identity in the flow of "reset password" or "forgot password" |
| UPDATE_EMAIL | 4 | The users update their own email or link the account to an email |
| UPDATE_PHONE | 5 | The users update their own phone or link the account to a phone |
| WEB_LOGIN | 6 | Used for login to the web portal |
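
Added example (not part of the original documentation and not the service's own code): the otpToken carries an expiry time, loginID and OTP nature, so a verify endpoint should check the token's signature, its expiry, and that its nature matches the flow being completed, so that a token issued for one flow is not accepted by another. The claim names follow the sample otpToken payload on this page; the signing key, the endpoint-to-nature mapping and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json
from datetime import datetime, timezone

# OtpNature values from the table on this page.
RESET_PASSWORD, WEB_LOGIN = 3, 6

# Assumed mapping: the only OtpNature each verify endpoint should accept.
EXPECTED_NATURE = {
    "/web/auth/login/verify": WEB_LOGIN,
    "/web/auth/forgot-password/verify": RESET_PASSWORD,
}

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def hs256(key, signing_input):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign_otp_token(claims, key):
    """Issue a constructed HS256 token carrying expiry, loginID and nature."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{body}.{b64url_encode(hs256(key, header + '.' + body))}"

def check_otp_token(token, endpoint, key, now):
    """Return (ok, reason) for an otpToken presented to a verify endpoint."""
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
        expiry = datetime.strptime(claims["expiry"], "%Y-%m-%dT%H:%M:%SZ")
        alg, nature = header["alg"], claims["nature"]
    except (ValueError, TypeError, KeyError):
        return False, "malformed"
    if alg != "HS256":  # pin the algorithm instead of trusting the header
        return False, "bad-alg"
    if not hmac.compare_digest(sig, hs256(key, header_b64 + "." + body_b64)):
        return False, "bad-signature"
    if now >= expiry.replace(tzinfo=timezone.utc):
        return False, "expired"
    # Reject a token issued for a different flow (cross-flow reuse).
    if endpoint not in EXPECTED_NATURE or nature != EXPECTED_NATURE[endpoint]:
        return False, "wrong-nature"
    return True, "ok"
```
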