circle-exclamation
This documentation is currently under development. Certain sections are not yet complete and will be added shortly.
search
HomeDocumentation

Customer

hashtag
Get authenticated customer profile

get
/api/{tenantId}/customer

Retrieves comprehensive customer information by validating and enriching the authentication token claims.

chevron-right
lockRequired scopes
This endpoint requires the following scopes:
Authorizations
AuthorizationstringRequired

a JWT token describing the customer

Path parameters
tenantIdstringRequired
Responses
chevron-right
200

Authenticated customer profile returned.

Other propertiesanyOptional
get
/api/{tenantId}/customer

hashtag
Create or update a customer account

post
/api/{tenantId}/customer

Creates a new customer account or updates an existing one with provided information. Supports optional flow execution (e.g., preregistration) and multi-factor authentication challenges.

hashtag
Account Modification

  • Creates account if customer does not exist

  • Updates existing customer data

  • Validates and enriches account data (e.g., deriving location from postal code)

  • Fills missing fields with defaults or derived values

hashtag
Flow Execution

When a flow name is specified:

  1. Account is created/updated

  2. Named flow is executed (e.g., "preregistration", "activation")

  3. Additional security challenges may be issued

When flow is omitted:

  1. Account data is validated

  2. Fields are enriched and filled

  3. No additional processing occurs

hashtag
Authorization

No explicit authorization required; customer context derived from account identifier.

Path parameters
tenantIdstringRequired
Query parameters
flowstringOptional

Optional flow name to execute after account creation (e.g., "preregistration"). When empty, data is validated and filled without additional processing

Body
Other propertiesanyOptional
Responses
chevron-right
200

Account created or updated.

Other propertiesanyOptional
post
/api/{tenantId}/customer

hashtag
Authenticate customer and generate JWT token

post
/api/{tenantId}/customer/authenticate

Authenticates a customer using a specified identity provider and returns a JWT token for subsequent API calls.

hashtag
Supported Providers

  • Social Login: Facebook, Apple, Google, Line, etc.

  • One-Time Password (OTP): SMS, email, or other delivery methods

  • Custom Providers: Tenant-specific authentication mechanisms

hashtag
Authentication Flow

  1. Client sends provider name and provider-specific authentication data

  2. System validates credentials with the specified provider

  3. Provider returns claims (identity attributes)

  4. System generates JWT token with 24-hour validity

  5. Token includes provider identifier for auditing

hashtag
Token Usage

The returned JWT token should be included in subsequent API requests using the Authorization: Bearer <token> header.

Path parameters
tenantIdstringRequired
Query parameters
providerstringOptional

Provider used to authenticate the user.

Body
anyOptional
Responses
chevron-right
200

Authentication succeeded and token returned.

stringOptional
post
/api/{tenantId}/customer/authenticate

Last updated