Overview

This documentation provides details on how to interact with the Salesflow Auth API. The API allows users to perform authentication-related operations such as logging in, registering, changing passwords, and generating invitation codes.


Authentication

The API requires authentication using either an API Key or a Bearer Token. The API Key must be included in the request headers using the x-api-key parameter. Bearer Tokens must be provided in the Authorization header using the Bearer scheme.

Security Schemes

Important: Handling Authorization Response

After receiving an AuthorizationResponse from any endpoint, it's crucial to update the browser session storage with an SF_Token key and the corresponding value from the response. This allows the UI application to reuse the accessToken and automatically renew it when necessary.

Example:

**SF_Token:**
{
  "email": "<EMAIL>",
  "expiresIn": 3600,
  "accessToken": "<ACCESS_TOKEN>",
  "localId": "<LOCAL_ID>",
  "refreshToken": "<REFRESH_TOKEN>"
}

Ensure that the UI application is configured to retrieve and utilize this token appropriately for continued access and seamless user experience.

Redirect user with existing bearer token to Salesflow

After receiving Authorization response you can redirect user to https://your_host/auth/thirdPartySignIn?SF_Token=json_serialized_authorization_response

Link example:

[<https://dev.salesflow.io/auth/thirdPartySignIn?SF_Token={"email":"[email protected]","expiresIn":3600,"accessToken":"eyJhbGciOiJSUzI1NiIsImtpZCKR8HAgM_H_-Guwp90a6ZhtO6z0qXk14Vap0GfeM717OE7PwlOL3KrzqFZya-fm81lx5p0MrZYmd_g0I5Ma1EQgRpZSTFqnIkbVIHETTf_P1Mbjpg58p8A7g","localId":"G5X86jcOynfWEATcKaVI3u11Nlo2","refreshToken":"AMf-vBySH0drBILA54NuiSpo90xhFZoLdunFhDZfPjEzQMxkoveMtH_NyWqI8T-2anNfzEswYJcGP4zRM9_gVjHNQ2Jo2WXIqeWGOg5ogMHB2HxCBVCogFFaCULFphPfAjmh3ZHV-eRHfEs_9_fdGf42eIdv4NS6ZTZ2zN8USdEuwatV0S80NfZNyeE7yzAEOapOeeOVgkxwEw"}>](<https://dev.salesflow.io/auth/thirdPartySignIn?SF_Token=%7B%22email%22:%[email protected]%22,%22expiresIn%22:3600,%22accessToken%22:%22eyJhbGciOiJSUzI1NiIsImtpZCKR8HAgM_H_-Guwp90a6ZhtO6z0qXk14Vap0GfeM717OE7PwlOL3KrzqFZya-fm81lx5p0MrZYmd_g0I5Ma1EQgRpZSTFqnIkbVIHETTf_P1Mbjpg58p8A7g%22,%22localId%22:%22G5X86jcOynfWEATcKaVI3u11Nlo2%22,%22refreshToken%22:%22AMf-vBySH0drBILA54NuiSpo90xhFZoLdunFhDZfPjEzQMxkoveMtH_NyWqI8T-2anNfzEswYJcGP4zRM9_gVjHNQ2Jo2WXIqeWGOg5ogMHB2HxCBVCogFFaCULFphPfAjmh3ZHV-eRHfEs_9_fdGf42eIdv4NS6ZTZ2zN8USdEuwatV0S80NfZNyeE7yzAEOapOeeOVgkxwEw%22%7D>)