Authenticating with an Auth Token (BETA)
Authenticating with an auth token follows the standard HTTP Bearer Token usage.
The request must contain an Authorization header which contains an ASCII string that contains the base64-encoded value of your auth_token's token app's client_id and client_secret values.
Note: the token value in the Basic string cannot be a bytes string.
Refer to /auth_token docs for how-to build a HTTP Basic Authentication credentials string.
Sila AuthToken Postman Collection can be found here.
POST /0.2/check_handle HTTP/1.1
Host: sandbox.silamoney.com
Content-Type: application/json
Authorization: Bearer dGhpcyBpcyB0aGUgInRva2VuIiB2YWx1ZSBvZiB5b3VyIHVuZXhwaXJlZCBhY2Nlc3MgdG9rZW4gcmV0dXJuZWQgYnkgL2FjY2Vzc190b2tlbg==
{
"header": {
"created": 1234567890,
"auth_handle": "handle.silamoney.eth",
"user_handle":"user.silamoney.eth",
"version": "0.2",
"reference": "<your unique id>"
},
"message": "header_msg"
}
***
HTTP/1.1 200 OK
{
"success": true,
"reference": "<your unique id>",
"message": "user.silamoney.eth is available.",
"status": "SUCCESS"
}
Authentication failure responses
There are various conditions relating to the use of an auth token which can produce an authentication error. Some of the returned error messages are deliberately vague to avoid exposing failure reasons in order not to encourage phishing.
| Status code | Error Message | Reason |
|---|---|---|
| 401 | The auth token provided has expired. | Expired token |
| 401 | The auth token is invalid. | Token was not generated for the app specified by auth_handle |
| 403 | The Authorization: Bearer string is not properly encoded; it must be a base64-encoded ASCII string. | Poorly-formed Bearer token (usually incorrect encoding) |
| 403 | Permission to auth this resource has been denied. | Use of Basic HTTP Authentication header (currently only used by /auth_token) |
| 403 | The auth token is invalid. | Passing a token for a SANDBOX app to PROD (or vice-versa) |
Updated 5 months ago