Authentication
There are three authentication methods available to the Mindful APIs:
"Magic Link" user authentication
"M2M" machine authentication
"Company" scope-limited anonymous authentication
Most use cases will use standard user authentication.
"Magic Link" User Authentication
A user authentication token can be retrieved by:
Executing the sendUserLoginLink
mutation on the User API. If a Mindful user exists for the supplied email address, they will receive an email with a "magic link" (containing a temporary authentication JWT in the token
parameter).
Executing the loginUserFromLink
mutation on the User API while supplying the token
from the email. This is exchanged for a longer-lived (7 days) authentication token, which you will send with subsequent requests.
When sending a request with user authentication, send the token using Bearer authentication:
"M2M" Machine Authentication
A permanent variant of a user authentication, for use in automated processes that need authentication (such as retrieving analytics, or inserting/updating data.)
While the option is not yet available in the Mindful UI, a permanent M2M token can be issued for your user. Contact us via support@parameter1.com to get this set up!
"Company" Authentication
"Company" authentication allows for anonymous visitors to access sensitive data (such as advertising metrics), but only limited in scope to specific Advertising Companies.
These tokens are generated automatically within the Mindful UI, or they can be generated manually with the Utility API's createAdvertisingCompanyAccessToken
mutation.
A valid user (or machine) authentication must be present in the request to generate a company token.
Last updated