Get to know about our API authentication process here!
Introduction
When you use OAuth2, the Cymbio Authentication API allows you to handle all aspects of user identification. It has endpoints for logging in, signing up, logging out, using APIs, and more.
OAuth 2.0 is the identity protocol supported by the API.
To receive an access token, you need to perform the following steps:
- Contact our team to receive the invitations to sign up to the Cymbio staging portal.
- Receive Client ID, Supplier ID, Client Secret, and Retailer ID.
- Set your Grant Type (your credentials).
- Set the scope definitions per the diagram below.
- Request an Access Token by sending a
POST
request to htttps://api.cym.bio/oauth/token for the Production environment, or https://cymbio3-api-staging.cym.bio/oauth/token
for the Staging one. - Receive an Access Token.
The following diagrams show the overview of the API authentication process for both Supplier and Retailer API.
Info:
The access token is only valid for a five minutes period. You need to get a new access token after the five minutes period has passed.
Base URL
The Authentication API is accessible through HTTPS {{api-host}}/OAuth/token)
. The following is the base for all URLs mentioned in the documentation: https://api.cym.bio/.
Authentication Parameters
To get authenticated, you need to have the following parameters:
Parameters | Description |
---|---|
client_id | The Client ID that you receive upon account activation. |
client_secret | The Client Secret that you receive upon account activation. |
grant_type | The Client Credentials Grant Type to request an access token. |
username | The username of your account. |
password | The password of your account. |
scope | The scope capability of your API request for various API endpoints. For example: read, write, etc. For details, please see the Scope section below. |
Scope
Each API has a scope definition that you need to request based on the calls, but the relevant ones are:
Scope | Description |
---|---|
read:channels | Retrieves channels list |
read:inventory | Retrieves inventory-related info (inventory, history) |
read:orders | Retrieves orders |
read:retailers | Retrieves retailer's info (suppliers attached to this retailer, supported languages, etc.) |
read:suppliers | Retrieves supplier's info (testing portal, order by id, etc.) |
read:variants | Retrieves variant-related info (languages, variants, etc.) |
read:warehouses | Retrieves warehouse-related info (warehouses, etc.) |
write:fulfillments | Updates fulfillment-related info (rejects, shipments, etc.) |
write:inventory | Updates inventory-related info (inventory per supplier) |
write:orders | Update order-related info (orders, cancels, update fulfillments, etc.) |
write:retailers | Update retailers-related info (retailer, orders, returns, etc.) |
write:suppliers | Update suppliers-related info (import permissions, import pricing, etc.) |
write:variants | Update variants-related info (save, update, delete, etc.) |
write:warehouses | Update warehouses-related info |
Need help?
If you've run into an issue, please report it by emailing [email protected]. Include a description of the issue you're experiencing, provide steps to recreate it, and share the API call you did including the body/payload and the full responses that you received. A member of our team will reach out for additional info if needed.