This method is used for fetching JWT access token for service access on both Guest ID and Scan App APIs
In order to authenticate your requests, you need to submit a POST request onto [<https://api.scandoc.ai/ks/authenticate/>.](https://api.scandoc.ai/ks/authenticate/.). Request structure is a JSON body in the following format:
{
"user_key": "<USER-KEY>",
"sub_client": "<USER-DEFINED-FIELD>"
}
The user key field should be provided to you, and you should store it as a secret in your frontend service. If at any time, you think your key has been sniffed, you can request a new one.
Sub-client field is a user defined field that can be used to manage your own requests (if you would have a need for something like that). We would reccommend using it for distinguishing your own clients. At any time, we offer an insight into your own usage, and your clients usage.
Return value for an authenticate request like this can either be 200 OK or 401 UNAUTHORIZED. On a success a response containing both access and refresh tokens is provided.
Example response is as follows:
{
"access_token": "<JWT-ACCESS-TOKEN>",
"refresh_token": "<JWT-REFRESH-TOKEN>"
}
The same access token can be used for accessing both ScanApp and Guest ID APIs.
Access token is used as a header to all ScanApp and Guest ID APIs requests in the following format:
"Authorization": "<JWT-ACCESS-TOKEN>"
You should invoke this endpoint prior to any ScanApp or Guest ID API call in the case you do not have an already active token. If you do have an active token, you should check out /authenticate/refresh method