author | Christian Grothoff <grothoff@gnunet.org> | 2023-09-05 18:04:48 +0200 |
---|---|---|
committer | Christian Grothoff <grothoff@gnunet.org> | 2023-09-05 18:04:55 +0200 |
commit | 47a86dfcb9af85ee38f4374eb49d2ab47d348e34 (patch) | |
tree | ca417cb72f9eacb192e11eb1ccda01d962a49b78 /core/api-merchant.rst | |
parent | ced82b398c7ce1053f0de27d5e5299970068e3b6 (diff) | |
document /login API for merchant
Diffstat (limited to 'core/api-merchant.rst')
-rw-r--r-- | core/api-merchant.rst | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/core/api-merchant.rst b/core/api-merchant.rst
index 71f33b0e..bec280a1 100644
--- a/core/api-merchant.rst
+++ b/core/api-merchant.rst
@@ -1011,6 +1011,59 @@ Setting up instances
 .. http:post:: [/instances/$INSTANCE]/private/login
+ **Request:**
+
+ The request must be a `LoginRequest`.
+
+ **Response:**
+
+ :http:statuscode:`200 Ok`:
+ The backend is returning the access token in a
+ `LoginSuccessResponse`.
+
+ **Details:**
+
+ .. note::
+
+ Typically the ``access_token`` would be an EdDSA signature
+ over (username, scope, timestamp, expiry).
+
+ Alternatively, valid access tokens could also be random identifiers
+ stored in a database table.
+
+ .. ts:def:: LoginRequest
+
+ interface LoginRequest {
+ // Scope of the token (which kinds of operations it will allow)
+ scope: "readonly" | "write";
+
+ // Server may impose its own upper bound
+ // on the token validity duration
+ duration?: RelativeTime;
+
+ // Can this token be refreshed?
+ // Defaults to false.
+ refreshable?: boolean;
+ }
+
+ .. ts:def:: LoginSuccessResponse
+
+ interface LoginSuccessResponse {
+ // The bearer token that can be used to access resources
+ // that are in scope for some time.
+ access_token: string;
+
+ // Scope of the token (which kinds of operations it will allow)
+ scope: "readonly" | "write";
+
+ // Server may impose its own upper bound
+ // on the token validity duration
+ expiration: Timestamp;
+
+ // Can this token be refreshed?
+ refreshable: boolean;
+ }
+
 .. http:patch:: /management/instances/$INSTANCE
 .. http:patch:: [/instances/$INSTANCE]/private |
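Review bot: The comment on `expiration` in `LoginSuccessResponse` is copied from the request's `duration` field and does not say what the timestamp means; something like `// Time at which the token expires (the server may have shortened the requested duration).` would describe the field. The section also never says how the caller authenticates this request, since `LoginRequest` carries no credential, and it lists only the `200 Ok` case, so the expected authentication (presumably the existing instance auth) and the failure status codes should be documented. The note's signature tuple (username, scope, timestamp, expiry) leaves out `refreshable`, so if tokens end up as self-contained signatures that flag would not be bound to the token; either add it to the tuple or state that it is tracked server-side. It would also help to say how a refreshable token is refreshed and whether a token can be revoked before `expiration`, because the stateless signature variant has no obvious revocation path.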