Midigator® Authentication API API Reference

Introduction

Midigator’s authentication API is structured around the REST architectural style and returns JSON-encoded responses. It uses standard HTTP response codes and authentication.

The API can be called from any language, including .NET, Java, PHP, and Python, and it can be deployed on multiple platforms, such as Windows, Mac OS, or Linux.

If you have questions about the information in this API document or are unable to resolve an error message, please contact the integrations team at integrations@midigator.com.

Authentication API

Authentication to Midigator APIs is performed by requesting a short-livedbearer token using a long-lived API secret. The bearer token is then used for subsequent requests. Midigator API tokens are JWTs and the exp claim can be used to determine token expiration to refresh the token prior to expiration.

API Flow

Midigator suggests using the authentication API in the following flow:

1. Obtain an API Secret

You’ll need an API Secret to access the Midigator APIs. To obtain this credential, please contact your dedicated CSM or email support@midigator.com.

2. Request a Bearer Token

Midigator provides an endpoint to generate a Bearer Token. This API call is documented below.

3. Use the Bearer Token to Authenticate Midigator API Calls

The bearer token recieved from the /auth/ endpoint will be used as the Authentication header in all other Midigator API calls, such as the Order API.

Base URL
Production:https://api.midigator.com/auth/v1
Sandbox:https://api-sandbox.midigator.com/auth/v1
Contact: integrations@midigator.com
Schemes: https
Version: 1.0.5

Authentication

AuthorizationAPISecret

in
header
name
Authorization

Paths

Request Bearer Token

POST /auth

This call generates a bearer token to be used on subsequent API requests. The Authorization header value must be the API Secret obtained by contacting your dedicated CSM or emailing support@midigator.com

For example:

$ curl --header "Authorization: Bearer API_SECRET" ...

200 OK
authenticate_response

Everything worked as expected.

400 Bad Request
error_response

The request was invalid, usually because of missing or invalid parameters or headers.

401 Unauthorized
error_response

An invalid authorization header was provided.

Response Content-Types: application/json
Response Example (200 OK) 
{
  "token": "ABC123...789XYZ"
}
Response Example (400 Bad Request) 
{
  "error": true,
  "message": "Error message text."
}
Response Example (401 Unauthorized) 
{
  "error": true,
  "message": "Error message text."
}
AuthorizationAPISecret

Schema Definitions

authenticate_response: object

token: string

The token field is the bearer token that will be used for all subsequent requests.

Example
{
  "token": "ABC123...789XYZ"
}

error_response: object

error: boolean

The error field indicates that an error happened while trying to request the bearer token.

message: string

The message field explains the specific error that happened while trying to request a bearer token.

Example
{
  "error": true,
  "message": "Error message text."
}
Documentation by Spectacle