Authentication 🔐
There are multiple ways of authenticating your requests to Abowire.
- Backend apps: You can provide your client credentials or specify your access token.
- Frontend apps: You can generate a Customer Session scoped to a particular customer or even "Login with Abowire".
- Client Credentials (Backend)
- Customer Session (Frontend)
- Login with Abowire (Frontend)
If you're connecting a backend application and have Client ID and Secret, you can provide them to the SDK and it will authenticate your calls with them. The SDK authenticates you using the OAuth2 Client Credentials Grant.
You can create your credentials by logging into Abowire and going to Settings > Developers > Manage your apps > Create app.
import { Abowire } from "abowire";
const abowire = Abowire({
clientId: "<your-client-id>",
secret: "<your-secret>",
accountId: "<your-account-id>",
scopes: ["customer_read"],
});
Since Apps can be installed in multiple accounts, you will need to specify the account you want to connect to. This can also be done in a separate step:
abowire.configure("accountId", "<your-account-id>");
Customer Sessions are a set of public endpoints that allow you to securely retrieve and update customer information.
You can generate a Customer Session in the backend and pass it to the frontend. This Customer Session will be scoped to a particular customer.
Customer Sessions are scoped to a particular customer and expire after 24 hours.
Onboarding new customers
If you want to onboard new customers, you can create a Customer Session directly in the frontend. If no Customer is tied to the Customer Sesion, you can create a new one and the Customer Session will be scoped to that new customer.
import { Abowire } from "abowire";
const abowire = Abowire({
clientId: "<your-client-id>",
accountId: "<your-account-id>",
});
// Create Customer Session
const customerSession = await abowire.customer.createSession();
// Create/Update Customer information
const customerSession = await abowire.customer.updateSession(
customerSession.id,
{
customer: {
name: "Jane Doe",
},
}
);
Working with existing customers
If you want to be able to specify an existing customer, you need to create the Customer Session in the backend and pass the ID to the frontend. This is useful if you want to manage existing customers.
Backend:
import { Abowire } from "abowire";
const abowire = Abowire({
clientId: "<your-client-id>",
secret: "<your-secret>",
accountId: "<your-account-id>",
});
app.post("/customer-session-id", async (req, res) => {
// Authenticate your customer
// ...
// Retrieve the Abowire Customer ID for that customer
const customerId = "customer_1";
// Create Customer Session linked to an existing Customer
const customerSession = await abowire.customer.createSession({ customerId });
return {
statusCode: 200,
body: JSON.stringify(customerSession),
};
});
Frontend:
import { Abowire } from "abowire";
const abowire = Abowire({
clientId: "<your-client-id>",
accountId: "<your-account-id>",
});
// Fetch existing Customer Session
const customerSession = await fetch("/customer-session-id", {
method: "POST",
});
// Update Customer information
const customerSession = await abowire.customer.updateSession(
customerSession.id,
{
customer: {
name: "John Doe",
},
}
);
You can also leverage Abowire ID to authenticate your customers. This is useful when you don't have your own user system and want to go to market the quickest way possible.
In this case, your user will be redirected to our login page and then back to your application. This flow is based on the OAuth2 Authorization Code Grant and requires no backend integration on your end at all.
You can create your credentials by logging into Abowire and going to Settings > Developers > Manage your apps > Create app.
import { Abowire } from "abowire";
const abowire = Abowire({
clientId: "<your-client-id>",
accountId: "<your-account-id>",
scopes: ["customer_read"],
});
// If no session is present, the SDK will automatically redirect the user to Abowire ID
// and then back to your page
await abowire.login({ redirectUrl: window.location.href });
const customer = await abowire.customer.get("customer_1");
Ready for take off 🚀
You're now ready to make authenticated calls 😎