Skip to content

Authentication
Run in Postman

Over the past decade, REST APIs have become a de architectural approach for modern application platforms. However, as data moves across boundaries, security becomes a key concern for REST APIs containing sensitive information. One of the most straightforward ways to secure these APIs is to implement authentication mechanisms that control their exposure, mainly through user credentials and encrypted access codes.

NOTE : The conversationId is optional for loging API call . But after that it is mandatory to have conversationId with all subsequent requests.

API Log-In

/api/v1/auth/login 

Login-In Request

/api/v1/auth/login

Attribute Value Description
userName*
(String)
user@mail.com User email address
password*
(String)
password@123 Password
companyCode*
(String)
AP00024 Company Code


Login request
1
2
3
4
5
{
    "userName": "user@verchaska.com",
    "password": "user@123",
    "companyCode": "CM000243"
}

Login-In Response

/api/v1/auth/login

Tag Attribute Description
meta meta
(Object)
success
(String)
Response status will be return Ex: "true"
statusCode
(Boolean)
Response statusCode will be return Ex: "1"
statusMessage
(String)
Response statusMessage will be return Ex: "SUCCESS"
data
sessionId
(String)
Session Id needs to be used in all the other calls


Login response
{
   "meta": {
        "success": true,
        "statusCode": 1,
        "statusMessage": "SUCCESS",
        "actionType": "Login user",
        "conversationId": "fe22cb8d-67e9-4c29-92af-e44dffdcb9a9"
    },
    "data": [
        {
            "sessionId": "5cbf6031-f4da-4360-89d6-009165a69041"
        }
    ],
    "version": "1.0.0"
}

API Log-Out

 /api/v1/auth/logout      

Log-Out Request

/api/v1/auth/logout

Attribute Value
Empty Json Object*
(JsonObject)
JsonObject

No request body required for logout request

Log-Out Response

/api/v1/auth/logout

Attribute Description
data*
(JsonArray)
This tag contains the booking session id.
Which is generated at the time of Signin.

Log-Out response
{
  "meta": {
        "success": true,
        "statusCode": 1,
        "statusMessage": "SUCCESS",
        "actionType": "",
        "conversationId": "fe22cb8d-67e9-4c29-92af-e44dffdcb9a9"
    },
    "data": [
        "38b43c83-5dad-491d-9330-17956da93a96"
    ],
    "version": "1.0.0"
}

Authorization Error

If user do not provide an authorization header in request or user session is expired then user will receive an authentication error as given below:

{
    "meta": {
        "success": false,
        "statusCode": -2,
        "statusMessage": "UNAUTHORIZED",
        "actionType": "",
        "conversationId": "fe22cb8d-67e9-4c29-92af-e44dffdcb9a9"
    },
    "errorDetails": {
        "code": "VAL-002",
        "type": "VALIDATION_ERROR",
        "title": "Authentication failed",
        "message": "Authentication failed. The sessionId is expired or Make sure you are using valid sessionId in header.",
        "documentationUrl": "api-doc/docs/troubleshoot/api-error-codes/index.html",
        "path": "/api/v1/flight/search",
        "timestamp": 1684945506243
    }
}
The authentication error code is VAL-002 . If user receive a error code like VAL-002 then integrator system has to regenerate a new session and send it with any of following API calls.