Authentication
To access the API a user has to have the "Access System API" permission enabled on one of their assigned roles. Permissions to content accessed via the API is limited by the roles & permissions assigned to the user that's used to access the API.
Authentication to use the API is primarily done using API Tokens. Once the "Access System API" permission has been assigned to a user, a "API Tokens" section should be visible when editing their user profile. These values should be used as a header in API HTTP requests in the following format:
Authorization: Bearer <token>Here's an example of an authorized Axios request to list books in the system:
const axios = require('axios');
let config = {
method: 'get',
maxBodyLength: Infinity,
url: 'https://testapi.onmarket.id/user/address/list?page=1',
headers: {
'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidXNlcm5ldzEiLCJhZ2VudCI6bnVsbCwibmF0aXZlIjpmYWxzZSwiaWF0IjoxNjk5MzUwMDYxfQ.eg945MifOGFH2tz1aT0UgD0YFHziV4rellDF5isXVlQ'
}
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
To get this token, you need to use this particular link for authentication:
(POST) https://usapi.onindonesia.id/auth
Body parameters
username : <string>
password : <string>
options : <object>{
nativeApp: <boolean>
}
For websites, use "false" value in nativeApp. For mobile phones, use "true" value in nativeApp.
Example request
We're using test link for this example. For production, use usapi.onindonesia.id
{
"username": "usernew1",
"password": "12345678",
"options": {
"nativeApp": false
}
}
Example result
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidXNlcm5ldzEiLCJhZ2VudCI6bnVsbCwibmF0aXZlIjpmYWxzZSwiaWF0IjoxNjk5MzUwMDYxfQ.eg945MifOGFH2tz1aT0UgD0YFHziV4rellDF5isXVlQ"
}
Error lists
422 Unprocessable Entry
{
"message": "Invalid Credential"
}400 Bad Request
{
"message": "Invalid JSON Format"
}
1 Comment
I DID A THING