Authorization — API Reference
Authorize your application to access Synerise APIs
28 endpoints across 2 tags.
Authorization
POST /sauth/v3/auth/refresh/client — Refresh a Profile token
/api-reference/authorization#tag/Authorization/operation/RefreshAClientTokenV3
Retrieve a refreshed JWT Token to prolong the session.
The current token must still be active at the time of the request.
API consumers: Profile (Client), Anonymous Profile
Authentication: Not required
Request body (required)
application/json · sauth-ClientRefreshRequest
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
Responses
| Status | Description |
|---|---|
200 application/json | New authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v3/auth/refresh/client \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"apiKey":"string"}'POST /sauth/v3/auth/login/client — Authenticate as Profile
/api-reference/authorization#tag/Authorization/operation/authenticateUsingPOST_v3
Obtain a new JWT for a Profile. If an account for the Profile does not exist and the identityProvider is different than SYNERISE, this request creates an account.
Authentication: Not required
Request body
application/json · sauth-AuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
400 application/json | Request failed, see error message for details |
401 application/json | Unauthorized. |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v3/auth/login/client \
--header 'content-type: application/json' \
--data '{"apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/v3/auth/server/login/client — Authenticate Profile with a server
/api-reference/authorization#tag/Authorization/operation/authenticateViaServerV3
Obtain a new JWT for a Profile. This method is designed to be used from a backend server that handles login requests and communicates with Synerise to execute them.
If an account for the Profile does not exist and the identityProvider is different than SYNERISE, this request creates an account.
API consumer: Workspace (Business Profile)
API key permission required: SAUTH_SERVER_LOGIN_CLIENT_CREATE
Request body
application/json · sauth-ServerAuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
ipAddress | string | required | The IP address of the client device that is logging in. |
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
400 application/json | Request failed, see error message for details |
401 application/json | Unauthorized. |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v3/auth/server/login/client \
--header 'content-type: application/json' \
--data '{"ipAddress":"string","apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/v3/auth/login/client/conditional — Authenticate as Profile (conditional)
/api-reference/authorization#tag/Authorization/operation/authenticateConditionalUsingPOSTv3
Obtain a new JWT token for a Profile.
- If the account does not exist, an account is not created.
- If any additional conditions are required for logging in, the response is HTTP200 and lists the conditions.
- Note that using this endpoint requires authenticating as an anonymous Profile first.
Authentication: Not required
Request body
application/json · sauth-AuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Details of the login operation |
400 application/json | Request failed, see error message for details |
401 application/json | See error message for details |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v3/auth/login/client/conditional \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/v3/auth/login/client/anonymous — Authenticate anonymously
/api-reference/authorization#tag/Authorization/operation/LogInAnonymouslyV3
Obtain a new JWT for an anonymous Profile. The token can be used and refreshed in the same way as tokens of registered Profiles.
Authentication: Not required
Request body (required)
application/json · sauth-LogInAnonymouslyV3RequestBody
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
uuid | string | required | UUID of the Profile |
deviceId | string | optional | Unique iOS or Android device identifier. |
Responses
| Status | Description |
|---|---|
200 application/json | Anonymous authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v3/auth/login/client/anonymous \
--header 'content-type: application/json' \
--data '{"apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string"}'POST /uauth/auth/login/user — Log in as User
/api-reference/authorization#tag/Authorization/operation/userLogin
Authenticate as a User.
Note: To perform operations within a Workspace, you must select a Workspace.
Authentication: Not required
Request body (required)
application/json · uauth-UserAuthenticationRequest
| Field | Type | Required | Description |
|---|---|---|---|
username | string | required | The login (email address) of the user |
password | string | required | The user's password |
deviceId | string | optional | Identifier of user's current device |
externalProviderToken | string | optional | |
externalProviderType | enum<"GOOGLE"> | optional | |
organizationName | string | optional | Optional organization name for login context |
Responses
| Status | Description |
|---|---|
200 application/json | Login details |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/uauth/auth/login/user \
--header 'content-type: application/json' \
--data '{"username":"string","password":"string","deviceId":"string","externalProviderToken":"string","externalProviderType":"GOOGLE","organizationName":"string"}'POST /uauth/auth/login/user/mfa/verification — Verify User multi-factor authentication
/api-reference/authorization#tag/Authorization/operation/userMfaLogin
Authenticate as a User with multi-factor authentication.
Note: To perform operations within a Workspace, you must select a Workspace.
API consumer: Synerise User
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
mfaType | query | enum<"TOTP_AUTHENTICATOR", "EMAIL"> | required | Type of multi-factor authentication |
Request body (required)
application/json · uauth-MultiFactorAuthVerificationRequest
| Field | Type | Required | Description |
|---|---|---|---|
verificationCode | string | required | Multi-factor verification code |
deviceId | string | optional | |
externalProviderToken | string | optional | |
externalProviderType | enum<"GOOGLE"> | optional | |
organizationName | string | optional | Optional organization name for login context |
Responses
| Status | Description |
|---|---|
200 application/json | Login details |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
Example request (cURL)
curl --request POST \
--url 'https://api.synerise.com/uauth/auth/login/user/mfa/verification?mfaType=SOME_STRING_VALUE' \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"verificationCode":"string","deviceId":"string","externalProviderToken":"string","externalProviderType":"GOOGLE","organizationName":"string"}'POST /uauth/auth/login/user/profile/{businessProfileUUID} — Select Workspace
/api-reference/authorization#tag/Authorization/operation/userProfileLoginUsingPOST
After logging in as a User, select a Workspace where you want to perform operations.
API consumer: Synerise User
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
businessProfileUUID | path | string | required | UUID of the workspace |
Responses
| Status | Description |
|---|---|
200 application/json | Login details |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
423 application/json | Access denied by IP policy |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/uauth/auth/login/user/profile/%7BbusinessProfileUUID%7D \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN'GET /uauth/business-profile/ — Get Workspaces
/api-reference/authorization#tag/Authorization/operation/getBusinessProfilesUsingGET
Retrieve a list of Workspaces available to the user.
API consumer: Synerise User
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
page | query | integer | optional | Page number |
size | query | integer | optional | Page size |
query | query | string | optional | Search query |
sort | query | string | optional | Sort field |
Responses
| Status | Description |
|---|---|
200 application/json | OK |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
Example request (cURL)
curl --request GET \
--url 'https://api.synerise.com/uauth/business-profile/?page=SOME_INTEGER_VALUE&size=SOME_INTEGER_VALUE&query=SOME_STRING_VALUE&sort=SOME_STRING_VALUE' \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN'GET /uauth/business-profile/ids — Get Workspaces ids with user-specific data
/api-reference/authorization#tag/Authorization/operation/getBusinessProfilesIdsUsingGET
Retrieve a list of workspace ids available to the user, with added user-specific data
API consumer: Synerise User
Responses
| Status | Description |
|---|---|
200 application/json | OK |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
Example request (cURL)
curl --request GET \
--url https://api.synerise.com/uauth/business-profile/ids \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN'GET /uauth/business-profile/current — Get current Workspace
/api-reference/authorization#tag/Authorization/operation/getCurrentBusinessProfileUsingGET
Retrieve information about the currently selected workspace.
API consumer: Synerise User
Responses
| Status | Description |
|---|---|
200 application/json | OK |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
Example request (cURL)
curl --request GET \
--url https://api.synerise.com/uauth/business-profile/current \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN'POST /uauth/v2/auth/login/profile — Log in as Workspace
/api-reference/authorization#tag/Authorization/operation/profileLogin
Obtain a new Workspace JWT Token.
Authentication: Not required
Request body (required)
application/json · uauth-BusinessProfileAuthenticationRequest
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Workspace API key WARNING: Workspace API keys can be used to access all customer data and manage the workspace. They should only be used for server-to-server communication in integrations. DO NOT use workspace API keys in your mobile applications or websites. |
Responses
| Status | Description |
|---|---|
200 application/json | New JWT token for Workspace authentication |
400 application/json | Request malformed |
401 application/json | Unauthorized, API key does not exist |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/uauth/v2/auth/login/profile \
--header 'content-type: application/json' \
--data '{"apiKey":"64c09614-1b2a-42f7-804d-f647243eb1ab"}'Authorization (deprecated)
GET /v4/auth/refresh/profile — Refresh a Workspace token (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/RefreshABusinessProfileToken
Retrieve a refreshed JWT Token to prolong the Workspace session.
API consumer: Workspace (Business Profile)
Authentication: Not required
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
Content-Type | header | enum<"application/json"> | required | |
Api-Version | header | enum<"4.4"> | required |
Responses
| Status | Description |
|---|---|
200 application/json | New authorization token |
401 application/json | Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc. |
403 application/json | Forbidden; insufficient permissions (when PII protection is enabled, PII permissions are required in addition to the permissions listed in the method description) |
Example request (cURL)
curl --request GET \
--url https://api.synerise.com/v4/auth/refresh/profile \
--header 'Api-Version: SOME_STRING_VALUE' \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'Content-Type: SOME_STRING_VALUE'POST /v4/auth/login/profile — Log in as Workspace (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/LogInAsBusinessProfile
This endpoint is deprecated. Use this endpoint instead.
Authentication: Not required
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
Api-Version | header | enum<"4.4"> | required |
Request body (required)
application/json · object
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Workspace (formerly Business Profile) API key |
Responses
| Status | Description |
|---|---|
200 application/json | Workspace authorization token |
401 application/json | Unauthorized: wrong consumer scope; token missing/expired/invalid; invalid API key; etc. |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/v4/auth/login/profile \
--header 'Api-Version: SOME_STRING_VALUE' \
--header 'content-type: application/json' \
--data '{"apiKey":"64c09614-1b2a-42f7-804d-f647243eb1ab"}'POST /sauth/auth/login/client — Authenticate as Profile (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/LogInAsClient
Obtain a new Profile JWT Token.
Authentication: Not required
Request body (required)
application/json · sauth-LogInAsClientRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | optional | Profile (formerly "Client") API key |
email | string | optional | Profile email |
password | string | optional | Profile password |
uuid | string | optional | UUID of the Profile |
deviceId | string | optional | Important: deviceId is required during login if device control is enabled. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
401 application/json | Unauthorized |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client \
--header 'content-type: application/json' \
--data '{"apiKey":"string","email":"string","password":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string"}'POST /sauth/auth/login/client/anonymous — Authenticate anonymously (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/LogInAnonymously
Obtain a new JWT for an anonymous Profile. The token can be used and refreshed in the same way as tokens of registered Profiles.
Authentication: Not required
Request body (required)
application/json · sauth-LogInAnonymouslyRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | optional | Profile (formerly "Client") API key |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
uuid | string | optional | UUID of the Profile |
Responses
| Status | Description |
|---|---|
200 application/json | Anonymous authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/anonymous \
--header 'content-type: application/json' \
--data '{"apiKey":"string","deviceId":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f"}'POST /sauth/auth/login/client/facebook — Authenticate with Facebook (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/AuthenticateWithFacebook
Use a Facebook token to obtain a Profile JWT. If a Facebook account is logging on for the first time, a self-managed account for the profile is registered in Synerise.
Authentication: Not required
Request body (required)
application/json · sauth-AuthenticateWithFacebookRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
facebookToken | string | optional | Facebook authentication token |
apiKey | string | optional | Profile (formerly "Client") API key |
uuid | string | optional | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/facebook \
--header 'content-type: application/json' \
--data '{"facebookToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/auth/login/client/facebook/no-registration — Authenticate with Facebook without registration (deprecated)
Use a Facebook token to obtain a Profile JWT without creating a self-managed account for this Profile in Synerise.
Authentication: Not required
Request body (required)
application/json · sauth-AuthenticateWithFacebookWithoutRegistrationRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
facebookToken | string | optional | Facebook Authentication Token |
apiKey | string | optional | Profile (formerly "Client") API key |
uuid | string | optional | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/facebook/no-registration \
--header 'content-type: application/json' \
--data '{"facebookToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/auth/login/client/oauth — Authenticate with OAuth (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/AuthenticateWithOauth
Obtain a new JWT token by using OAuth authentication token.
Authentication: Not required
Request body (required)
application/json · sauth-OauthAuthBody
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string | required | OAuth token |
apiKey | string | required | Profile API key (same as for Profile login) |
uuid | string | required | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
customId | string | optional | If mappedExternal is set to FALSE in OAuth settings, this field is required.
|
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/oauth \
--header 'content-type: application/json' \
--data '{"accessToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"],"customId":"string"}'POST /sauth/auth/login/client/oauth/no-registration — Authenticate with OAuth without registration (deprecated)
Use an OAuth token to obtain a Profile JWT. This method does not create a Profile in Synerise.
Authentication: Not required
Request body (required)
application/json · sauth-OauthAuthBody
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string | required | OAuth token |
apiKey | string | required | Profile API key (same as for Profile login) |
uuid | string | required | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
customId | string | optional | If mappedExternal is set to FALSE in OAuth settings, this field is required.
|
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/oauth/no-registration \
--header 'content-type: application/json' \
--data '{"accessToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"],"customId":"string"}'POST /sauth/auth/login/client/apple — Authenticate with Sign in with Apple (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/AuthenticateWithApple
Obtain a new JWT token by using Sign in with Apple authentication token.
Authentication: Not required
Request body (required)
application/json · sauth-AuthenticateWithAppleRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string | optional | Apple token |
apiKey | string | optional | Profile (formerly "Client") API key |
uuid | string | optional | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/apple \
--header 'content-type: application/json' \
--data '{"accessToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/auth/login/client/apple/no-registration — Authenticate with Sign in with Apple without registration (deprecated)
Use an Apple token to obtain a Profile JWT. This method does not create a Profile in Synerise.
Authentication: Not required
Request body (required)
application/json · sauth-LoginWithAppleWithoutRegistrationRequestBody
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string | optional | Apple token |
apiKey | string | optional | Profile (formerly "Client") API key |
uuid | string | optional | UUID of the Profile |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/auth/login/client/apple/no-registration \
--header 'content-type: application/json' \
--data '{"accessToken":"string","apiKey":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'GET /sauth/auth/refresh/client — Refresh a Profile token (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/RefreshAClientToken
Retrieve a refreshed JWT Token to prolong the Profile session.
The current token must still be active at the time of the request.
API consumers: Profile (Client), Anonymous Profile
Authentication: Not required
Responses
| Status | Description |
|---|---|
200 application/json | New authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request GET \
--url https://api.synerise.com/sauth/auth/refresh/client \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN'POST /sauth/v2/auth/refresh/client — Refresh a Profile token (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/RefreshAClientTokenV2
This method is deprecated. Use the v3 method instead.
Retrieve a refreshed JWT Token to prolong the session.
The current token must still be active at the time of the request.
API consumers: Profile (Client), Anonymous Profile
Authentication: Not required
Request body (required)
application/json · sauth-ClientRefreshRequest
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
Responses
| Status | Description |
|---|---|
200 application/json | New authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v2/auth/refresh/client \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"apiKey":"string"}'POST /sauth/v2/auth/login/client — Authenticate as Profile (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/authenticateUsingPOST_v2
This method is deprecated. Use the v3 method instead.
Obtain a new JWT token for a Profile. If an account for the Profile does not exist and the identityProvider is different than SYNERISE, this request creates an account.
Authentication: Not required
Request body
application/json · sauth-AuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
400 application/json | Request failed, see error message for details |
401 application/json | Unauthorized. |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v2/auth/login/client \
--header 'content-type: application/json' \
--data '{"apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/v2/auth/login/client/conditional — Authenticate as Profile (conditional) (deprecated)
This method is deprecated. Use the v3 method instead.
Obtain a new JWT token for a Profile.
- If the account does not exist, an account is not created.
- If any additional conditions are required for logging in, the response is HTTP200 and lists the conditions.
- Note that using this endpoint requires authenticating as an anonymous Profile first.
Authentication: Not required
Request body
application/json · sauth-AuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Details of the login operation |
400 application/json | Request failed, see error message for details |
401 application/json | See error message for details |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v2/auth/login/client/conditional \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'POST /sauth/v2/auth/login/client/anonymous — Authenticate anonymously (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/LogInAnonymouslyV2
This method is deprecated. Use the v3 method instead.
Obtain a new JWT for an anonymous Profile. The token can be used and refreshed in the same way as tokens of registered Profiles.
Authentication: Not required
Request body (required)
application/json · sauth-LogInAnonymouslyV2RequestBody
| Field | Type | Required | Description |
|---|---|---|---|
apiKey | string | optional | Profile (formerly "Client") API key |
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
uuid | string | optional | UUID of the Profile |
Responses
| Status | Description |
|---|---|
200 application/json | Anonymous authorization token |
401 application/json | Unauthorized |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v2/auth/login/client/anonymous \
--header 'content-type: application/json' \
--data '{"apiKey":"string","deviceId":"string","uuid":"07243772-008a-42e1-ba37-c3807cebde8f"}'POST /sauth/v2/auth/server/login/client — Authenticate as Profile (deprecated)
/api-reference/authorization#tag/Authorization-(deprecated)/operation/authenticateViaServerV2
This method is deprecated. Use the v3 method instead.
Obtain a new JWT for a Profile. It is designed to be used from backend server. If an account for the Profile does not exist and the identityProvider is different than SYNERISE, this request creates an account.
API consumer: Workspace (Business Profile)
API key permission required: SAUTH_SERVER_LOGIN_CLIENT_CREATE
Request body
application/json · sauth-ServerAuthenticationRequestV2_and_3
| Field | Type | Required | Description |
|---|---|---|---|
ipAddress | string | required | The IP address of the client device that is logging in. |
apiKey | string | required | Profile (formerly "Client") API key |
identityProvider | enum<"SYNERISE", "FACEBOOK", "OAUTH", "APPLE", …> | required | The identity provider. |
identityProviderToken | string | optional | Third-party authentication token used to authenticate with the Identity Provider. Required if identityProvider is different than SYNERISE.
|
email | string | optional | Profile email. Required if identityProvider is SYNERISE and email is the unique identifier (default setting).
|
customId | optional | Profile customId. Required if identityProvider is SYNERISE and customId is the unique identifier (see https://hub.synerise.com/docs/settings/configuration/non-unique-emails/).
| |
password | string | optional | Profile password. Required if identityProvider is SYNERISE.
|
uuid | string | optional | Profile UUID. Required if identityProvider is SYNERISE.
|
deviceId | string | optional | Unique Android or iOS device ID. We recommend sending this attribute every time, to assign a web push registration to the device. Required when any form of unknown device control is enabled. |
agreements | object | optional | Marketing agreements of the Profile.
You can also pass the values as strings ("true";"TRUE";"True"/"false";"FALSE";"False") or integers (1 for true and 0 for false).
|
attributes | object | optional | Custom attributes (with any names)
WARNING: Some attributes cannot be sent in this object and will be ignored. Some of these are reserved for system use, and others must be sent as properties of the profile in the root object of the request body instead of inside the attributes object.
Click to expand the list of reserved attributes
emailidclientIdphonecustomIduuidfirstNamelastName
displayNamecompanyaddresscityprovincezipCodecountryCode
birthDatesexavatarUrlanonymousagreementstagsbusinessProfileId
timeipsourcenewsletter_agreementcustom_identifyfirstname
lastnamecreatedupdatedlast_activity_datebirthdateexternal_avatar_url
displaynamereceive_smsesreceive_push_messagesreceive_webpush_messages
receive_btooth_messagesreceive_rfid_messagesreceive_wifi_messagesreceive_whatsapp_messageswhatsapp_id
zipCodeanonymous_typecountry_idgeo_loc_countrygeo_loc_isp
geo_loc_latgeo_loc_lonclub_card_idtypeconfirmedfacebookIddeletedAtdeleted_uniquestatusrecognizedprevious_clientstestProfile
apikeyapiKeyApiKeyApikeytrackersnr_sdk_version
eventCreateTimecorrelationId
|
tags | array<string> | optional | Tags can be used to group Profile accounts. |
Responses
| Status | Description |
|---|---|
200 application/json | Profile authorization token |
400 application/json | Request failed, see error message for details |
401 application/json | Unauthorized. |
403 application/json | Authentication failed, see error message for details |
404 application/json | Profile not found |
406 application/json | Account is locked, password reset required |
423 application/json | Device control is enabled, device must be authorized (link sent by email) |
Example request (cURL)
curl --request POST \
--url https://api.synerise.com/sauth/v2/auth/server/login/client \
--header 'content-type: application/json' \
--data '{"ipAddress":"string","apiKey":"string","identityProvider":"SYNERISE","identityProviderToken":"string","email":"string","customId":null,"password":"string","uuid":"string","deviceId":"string","agreements":{"email":true,"sms":true,"push":true,"bluetooth":false,"rfid":false,"wifi":false},"attributes":{"property1":null,"property2":null},"tags":["string"]}'