POST /Auth/Verify/Token
Authorization key & Authorization date & Authorization hmac

This process validates the JWT token sent in and returns information about it including the logged in user. Note that usually the token is passed as a cookie since /auth/verify/login sets the cookie. This needs to be called for every non logged in page for page tracking. Secret Hmac Required. Cache Time 1 Hour.

application/json

Body Required

  • Href string

    required copy of document.href since referrer is not always accurate

  • Token string

    the jwt token returned from /Auth/Verify/Login or /Auth/Verify/Token

Responses

  • 200 application/json

    Token Details successfully returned with or without login info

    Hide response attributes Show response attributes object
    • Valid number

      0 if expired, 1 if not

    • Expires number

      Seconds until the jwt token expires and login is valid. If expired, it returns negative seconds

    • Custno number

      Customer User Number (frequently the same as parent)

    • Parent number

      Parent User Number

    • IdLogin number

      The current user Login Id

    • LoginIp string

      the Ip address of the logged in user

    • Message string

      the message to display on the screen

    • FirstName string

      the First Name of the logged in user

    • LastName string

      the Last Name of the logged in user

    • LoginTime string

      the date/time logged in (YYYYMMDDHHMMSS)

    • PrevLogin string

      the date/time previously logged in (YYYYMMDDHHMMSS)
  • 401 application/json

    Token Is Not Valid

    Hide response attributes Show response attributes object
    • Valid number

      0 if expired, 1 if not

    • Expires number

      Seconds until the jwt token expires and login is valid. If expired, it returns negative seconds

    • Username string

      If they checked to save username, this responds with the last username passed

    • Message string

      debug message for why this failed
POST /Auth/Verify/Token 
curl \
 --request POST 'https://api.wrtm.io/v1.0/Auth/Verify/Token' \
 --header "X-ApiKey: $API_KEY" \
 --header "X-ApiDate: $API_KEY" \
 --header "X-ApiHmac: $API_KEY" \
 --header "Content-Type: application/json" \
 --data '{"Href":"https://www.whyreadthemanual.com/login","Token":"base 64 encoded stuffs"}'
Request examples 
{
  "Href": "https://www.whyreadthemanual.com/login",
  "Token": "base 64 encoded stuffs"
}
Response examples (200) 
{
  "Valid": 1,
  "Custno": 0,
  "Logind": 0,
  "Parent": 0,
  "LoginIp": "",
  "Message": "Check out our <a href='./abc'>great Thanksgiving sale</a>!",
  "LastName": "",
  "FirstName": "",
  "LoginTime": "",
  "PrevLogin": ""
}
Response examples (401) 
{
  "Valid": 0,
  "Expires": -3600,
  "Message": "Token expired 33 minutes ago",
  "Username": ""
}