Finding Your Authentication Credentials
Head to the backend of your website to obtain credentials:
- Login to the Worker Portal
- Search for App Authorizations and click on the menu link
- Click “Edit” under the actions column for the Authorization
- Credentials are located in the “Authorization Information” section (Reference below)
- When resetting your AuthPassword, you must submit at the bottom of the page to save the new AuthPassword
Please Note
- Your Authorization Password is hashed and can only be reset (i.e. we cannot retrieve current, or past, authorization passwords since it is not stored in a plaintext format)
- You should make note of the Authorization Password outside of your website on creation, or reset, to minimize disruptions
- Your authentication credentials are sensitive information and should not be shared outside trusted third parties
Authentication Types
The Authentication Type is assigned at the Authorization level when setting up your App Authorization. There are two Authentication Types available:
- Default (JWT Bearer)
- Authentication requests generate an authentication token, which expire after 7 days from creation
- This is an authentication type of “Bearer Token” and must be passed with each corresponding HTTP request (excluding the Canary Endpoint)
- There is no limit to the number of generated Bearer Tokens (i.e. you can authenticate and generate a Bearer Token as often as you’d like)
- This method allows customer-specific pricing via the GenerateCustomerSession request.
- Basic
- Basic Authentication only requires the Authorization Username and Password to be passed for each API request
Default (JWT Bearer) Authentication Request
HTTP Method: POST
Endpoint: https://api.cimcloud.com/{sitename}/authenticate
Body (set the values obtained from the Finding Your Authentication Credentials section above):
{ "AuthKey": "xxxxxxxxxxx", "AuthUserName": "xxxxxxxxxxx", "AuthPassword": "xxxxxxxxxxx" }
Successful Response:
{ "expiration": "2022-01-01T01:00:00Z", "token": "xxxxxxxxxxx" }
Session-Based Default (JWT Bearer) Authentication Request
HTTP Method: POST
Endpoint: https://api.cimcloud.com/{sitename}/authenticate
Body (set the values obtained from the Finding Your Authentication Credentials section above):
{ "AuthKey": "xxxxxxxxxxx", "AuthUserName": "xxxxxxxxxxx", "AuthPassword": "xxxxxxxxxxx", "SessionUsername": "xxxxxxxxxxx" }
Successful Response:
{ "expiration": "2022-01-01T01:00:00Z", "token": "xxxxxxxxxxx", "session": "xxxxxxxxxxx" }