Midigator® Authentication API API Reference
Introduction
Midigator’s authentication API is structured around the REST architectural style and returns JSON-encoded responses. It uses standard HTTP response codes and authentication.
The API can be called from any language, including .NET, Java, PHP, and Python, and it can be deployed on multiple platforms, such as Windows, Mac OS, or Linux.
If you have questions about the information in this API document or are unable to resolve an error message, please contact the integrations team at integrations@midigator.com.
Authentication API
Authentication to Midigator APIs is performed by requesting a short-livedbearer token using a long-lived API secret. The bearer token is then used for subsequent requests. Midigator API tokens are JWTs and the exp claim can be used to determine token expiration to refresh the token prior to expiration.
API Flow
Midigator suggests using the authentication API in the following flow:
1. Obtain an API Secret
You’ll need an API Secret
to access the Midigator APIs. To obtain this credential, please contact your dedicated CSM or email support@midigator.com.
2. Request a Bearer Token
Midigator provides an endpoint to generate a Bearer Token
. This API call is
documented below.
3. Use the Bearer Token to Authenticate Midigator API Calls
The bearer token recieved from the /auth/
endpoint will be used as the Authentication header in all other Midigator API calls, such as the Order API.
Base URL
Production:https://api.midigator.com/auth/v1
Sandbox:https://api-sandbox.midigator.com/auth/v1
Contact: integrations@midigator.com
Schemes: https
Version: 1.0.5
Authentication
AuthorizationAPISecret
Paths
Request Bearer Token
This call generates a bearer token to be used on subsequent API requests. The Authorization
header value must be the API Secret
obtained by contacting your dedicated CSM or emailing support@midigator.com
For example:
$ curl --header "Authorization: Bearer API_SECRET" ...
Everything worked as expected.
The request was invalid, usually because of missing or invalid parameters or headers.
An invalid authorization header was provided.
Response Content-Types: application/json
Response Example (200 OK)
{
"token": "ABC123...789XYZ"
}
Response Example (400 Bad Request)
{
"error": true,
"message": "Error message text."
}
Response Example (401 Unauthorized)
{
"error": true,
"message": "Error message text."
}
Schema Definitions
authenticate_response: object
- token: string
-
The token field is the bearer token that will be used for all subsequent requests.
Example
{
"token": "ABC123...789XYZ"
}
error_response: object
- error: boolean
-
The error field indicates that an error happened while trying to request the bearer token.
- message: string
-
The message field explains the specific error that happened while trying to request a bearer token.
Example
{
"error": true,
"message": "Error message text."
}