User creation and authentication

User creation

It's essential to link Users in your backend to your abstraction of a User or Client. When you create a user with our API, you can add an external_user_id in the body as an additional reference.

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/users \
     --header 'Bridge-Version: BRIDGE_VERSION' \
     --header 'accept: application/json' \
     --header 'content-type: application/json'

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/users \
     --header 'Bridge-Version: BRIDGE_VERSION' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "external_user_id": "A6JEJIID1919BDS"
}
'

If you create users with an external_user_id, you can both authenticate them and search for users with this reference in our dashboard.

⚠️

User lifecycle management

Don't forget to delete the Bridge users associated with your customers when they delete their account on your service.


User authentication

Use the following endpoint to authenticate a user:

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/authorization/token \
     --header 'Bridge-Version: BRIDGE_VERSION' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "user_uuid": "c2a26c9e-dc23-4f67-b887-bbae0f26c415"
}
'

curl --request POST \
     --url https://api.bridgeapi.io/v3/aggregation/authorization/token \
     --header 'Bridge-Version: 2024-08-15' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "external_user_id": "A6JEJIID1919BDS"
}
'

The response will contain an access_token:

{
  "access_token": "...",
  "expires_at": "2019-05-06T11:08:25.040Z",
  "user": {
    "uuid": "c2a26c9e-dc23-4f67-b887-bbae0f26c415",
    "external_user_id": "A6JEJIID1919BDS"
  }
}

To perform authenticated API calls, include the access_token in the Authorization request header using the bearer authentication scheme. Here's an example:

curl "https://api.bridgeapi.io/v3/aggregation/items?limit=100" \
	-X GET \
	-H 'Bridge-Version: BRIDGE_VERSION' \
	-H 'Client-Id: MY_CLIENT_ID' \
	-H 'Client-Secret: MY_CLIENT_SECRET' \
	-H 'Authorization: Bearer TOP_SECRET_ACCESS_TOKEN'

📘

Session expiration

Keep in mind that the OAuth token is valid for two hours (UTC+0) after issuance. If the token expires, attempts to make calls with it will result in an HTTP 401 error, requiring a new authentication.
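
One way to handle the two-hour lifetime and the 401 case in a backend, shown as an added example that is not Bridge's own code. `BridgeTokenCache`, `fetch_token` and `request` are hypothetical names: `fetch_token` is assumed to perform the POST to the authorization/token endpoint and return the parsed JSON, and `request` is assumed to make one authenticated call and return its HTTP status and payload. The check that the response's external_user_id matches the requested user is an added safeguard, not an API requirement.

```python
from datetime import datetime, timedelta, timezone

def parse_expires_at(value):
    # expires_at is ISO 8601 in UTC with a trailing "Z", as in the sample response.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

class BridgeTokenCache:
    """Per-user access_token cache: renews before expires_at, retries once on 401."""

    def __init__(self, fetch_token, skew=timedelta(seconds=60),
                 now=lambda: datetime.now(timezone.utc)):
        self._fetch = fetch_token  # assumed callable: external_user_id -> token JSON (dict)
        self._skew = skew          # renew slightly early to absorb clock drift
        self._now = now            # injectable clock, always timezone-aware UTC
        self._cache = {}           # external_user_id -> (access_token, expiry)

    def token(self, external_user_id):
        cached = self._cache.get(external_user_id)
        if cached and self._now() < cached[1] - self._skew:
            return cached[0]
        body = self._fetch(external_user_id)
        # Refuse a token issued for a different user than the one requested.
        if body["user"]["external_user_id"] != external_user_id:
            raise ValueError("token response does not match requested user")
        self._cache[external_user_id] = (body["access_token"],
                                         parse_expires_at(body["expires_at"]))
        return body["access_token"]

    def call(self, external_user_id, request):
        # request: assumed callable(access_token) -> (http_status, payload)
        status, payload = request(self.token(external_user_id))
        if status == 401:  # expired or revoked: drop the token and authenticate again
            self._cache.pop(external_user_id, None)
            status, payload = request(self.token(external_user_id))
        return status, payload

if __name__ == "__main__":
    # Constructed responses standing in for the authorization/token endpoint.
    clock = [datetime(2019, 5, 6, 9, 8, 25, tzinfo=timezone.utc)]
    def fake_fetch(uid):
        exp = (clock[0] + timedelta(hours=2)).strftime("%Y-%m-%dT%H:%M:%S.000Z")
        return {"access_token": "tok-" + exp, "expires_at": exp,
                "user": {"uuid": "constructed", "external_user_id": uid}}
    cache = BridgeTokenCache(fake_fetch, now=lambda: clock[0])
    first = cache.token("A6JEJIID1919BDS")
    clock[0] += timedelta(hours=1, minutes=59, seconds=30)  # inside the 60 s skew
    print(first != cache.token("A6JEJIID1919BDS"))
```

Keep the cache in process memory or an encrypted store, and never write access_token values to logs.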