Authentication with the ReflexBlue External API
Every HTTP request to the ReflexBlue External API must be accompanied by a valid authorization token. You obtain such a token via a dedicated API endpoint. To do this, log in with a username and password of a ReflexBlue user who is linked to an External seat and a role with the appropriate user permissions. The required permissions may differ per version of the API. Read below how to set this up.
Want to know how to create and configure users and roles in ReflexBlue? See Users and Roles in ReflexBlue.
If you do not have the External Seats / API plan usage in your ReflexBlue plan, you cannot create External seats via the Reflex Cloud Portal. In that case, please contact ReflexSystems.
Authentication endpoints
The following endpoints can be used to log in and out.
| HTTP Method | Endpoint | Description |
|---|---|---|
| POST | /api/security/login | Login with username and password, returns a bearer token for authentication. |
| POST | /api/security/logout | Effectively does nothing. |
Performing the login request
Use an HTTP POST request to the login endpoint with the following JSON payload:
```json
{
  "username": "string",
  "password": "string"
}
```
The server will respond with the following JSON data:
```json
{
  "token": "string"
}
```
The value of the token contains a JWT authorization token that can be used in the Authorization HTTP request header for all your subsequent API requests.
Authentication for API version 1
Requirements for the ReflexBlue API user
To authenticate and use version 1 of the integration API, you need a ReflexBlue user who meets the following requirements:
- The user is linked to an External seat.
- The user has a role with these permissions:
| Module | Application | Permission |
|---|---|---|
| Administrations | External API | Access to administration |
| Integrations | External API | External API access |
Make sure the role is created in the ReflexBlue administration you are connecting with.
Obtaining an authorization token
Log in with the above-described ReflexBlue user via the login endpoint of the External API. The authorization token you receive should then be included in the HTTP request headers for all your subsequent API requests.
Authentication for API version 2
Requirements for the ReflexBlue API user
To authenticate and use version 2 of the External API, you need a ReflexBlue user who meets the following requirements:
- The user is linked to an External seat.
- The user has a role with these permissions:
| Module | Application | Permission |
|---|---|---|
| Administrations | External API | Access to administration |
And one or more of the following permissions:
| Module | Application | Permission |
|---|---|---|
| Integrations API V2 | External API | Access to articles |
| Integrations API V2 | External API | Access to article groups |
| Integrations API V2 | External API | Access to order patterns |
| Integrations API V2 | External API | Access to payment conditions |
| Integrations API V2 | External API | Access to contacts |
| Integrations API V2 | External API | Access to dynamic fields |
| Integrations API V2 | External API | Access to invoices |
| Integrations API V2 | External API | Access to integrations |
| Integrations API V2 | External API | Access to orders |
| Integrations API V2 | External API | Access to delivery notes |
| Integrations API V2 | External API | Access to relations |
| Integrations API V2 | External API | Access to relation groups |
| Integrations API V2 | External API | Access to languages |
| Integrations API V2 | External API | Access to webhooks |
Make sure the role is created in the ReflexBlue administration you are connecting with.
Obtaining an authorization token
Log in with the above-described ReflexBlue user via the login endpoint of the External API. The authorization token you receive should then be included in the HTTP request headers for all your subsequent API requests.
Validity of authorization tokens
An authorization token for ReflexBlue is valid for a limited time, usually one day. Please note that your external system must re-authenticate with the ReflexBlue Application Server in time to obtain a new token once the old one is no longer valid.
If an authorization token has expired, you will receive an HTTP status code 401 (Unauthorized) when making a request to the External API of the ReflexBlue Application Server. In that case, request a new token to continue working.
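The login request and the token-validity rules above can be combined in one client session. The following is an added example, not code from ReflexSystems: it logs in via `/api/security/login`, sends the token in the Authorization header, re-authenticates shortly before the token's expiry and retries once after a 401. Assumptions: the JWT carries a standard `exp` claim, the header uses the `Bearer` scheme, a successful login returns a 2xx status, and the names `ExternalApiSession`, `jwt_expiry` and `http_send` are hypothetical.

```python
import base64, json, time, urllib.error, urllib.request

def jwt_expiry(token):
    """Read the 'exp' claim (epoch seconds) for scheduling only; no signature check."""
    try:
        part = token.split(".")[1]
        raw = base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))
        return json.loads(raw).get("exp")
    except (IndexError, ValueError, AttributeError):
        return None  # Not a readable JWT: rely on the 401 path instead

def http_send(method, url, headers, body=None):
    """Default transport: returns (status, parsed JSON body or None)."""
    req = urllib.request.Request(url, data=body, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            raw = resp.read()
            return resp.status, json.loads(raw) if raw else None
    except urllib.error.HTTPError as err:
        return err.code, None

class ExternalApiSession:
    def __init__(self, base_url, username, password, send=http_send, skew=300):
        self.base_url, self._creds = base_url.rstrip("/"), (username, password)
        self._send, self._skew, self._token, self._exp = send, skew, None, None

    def login(self):
        user, password = self._creds
        body = json.dumps({"username": user, "password": password}).encode()
        status, data = self._send("POST", self.base_url + "/api/security/login",
                                  {"Content-Type": "application/json"}, body)
        if not 200 <= status < 300 or not data or "token" not in data:
            raise PermissionError(f"login failed with HTTP {status}")
        # The token is a credential: keep it in memory, never log it.
        self._token, self._exp = data["token"], jwt_expiry(data["token"])

    def request(self, method, path, body=None):
        # Proactive: re-authenticate 'skew' seconds before a known expiry.
        if self._token is None or (self._exp and time.time() > self._exp - self._skew):
            self.login()
        for attempt in (1, 2):
            headers = {"Authorization": "Bearer " + self._token}
            if body is not None:
                headers["Content-Type"] = "application/json"
            status, data = self._send(method, self.base_url + path, headers, body)
            if status != 401 or attempt == 2:
                return status, data
            # Reactive: 401 means the token expired; log in again and retry once,
            # so a permissions problem cannot turn into a login loop.
            self.login()
```

Pass `send=` a stub transport to exercise the session without a ReflexBlue Application Server.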