Dash Authentication API v3.0.0
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
The Dash Authentication API allows enables users to generate authorization tokens to access other Dash APIs.
Base URLs:
Authentication Flows
oAuth2 Authentication Flows.
Flow: clientCredentials
Token URL = https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token
| Scope | Scope Description |
|---|---|
| https://dashapiuat.onmicrosoft.com/api/.default | The Client Credentials Flow is an OAuth 2.0 grant type used when the client (an application or service) needs to directly access its own resources on a resource server without involving a user. This flow is typically used for machine-to-machine communication where the client application authenticates itself with the authorization server and receives an access token that allows it to access protected resources. Full access to USER calls. Customer-specific access to CARDS and PAYMENTS calls. |
Flow: authorizationCode
Authorization URL = https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/authorize
Token URL = https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token
| Scope | Scope Description |
|---|---|
| https://dashapiuat.onmicrosoft.com/api/.default | The Authorization URL Flow is another OAuth 2.0 grant type used when the client needs to access resources on behalf of a user. This flow is commonly used in web applications where the client application wants to access resources on a resource server on behalf of the user who owns those resources. Full access to USER calls. Customer-specific access to CARDS and PAYMENTS calls. |
Authentication
The Authentication resource uses OAuth 2.0 authorization tokens to validate the incoming requests.The endpoint available in this resource is POST/B2C_1_signupandsignin/oauth2/v2.0/token
Authentication Token
Code samples
# You can also use wget
curl -X POST https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer {access-token}'
POST https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token HTTP/1.1
Host: authsandbox.dashsolutions.com
Content-Type: application/x-www-form-urlencoded
Accept: application/json
const inputBody = '{
"grant_type": "string",
"scope": "string",
"client_id": "string",
"client_secret": "string"
}';
const headers = {
'Content-Type':'application/x-www-form-urlencoded',
'Accept':'application/json',
'Authorization':'Bearer {access-token}'
};
fetch('https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'
headers = {
'Content-Type' => 'application/x-www-form-urlencoded',
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}'
}
result = RestClient.post 'https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token',
params: {
}, headers: headers
p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
'Authorization': 'Bearer {access-token}'
}
r = requests.post('https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token', headers = headers)
print(r.json())
<?php
require 'vendor/autoload.php';
$headers = array(
'Content-Type' => 'application/x-www-form-urlencoded',
'Accept' => 'application/json',
'Authorization' => 'Bearer {access-token}',
);
$client = new \GuzzleHttp\Client();
// Define array of request body.
$request_body = array();
try {
$response = $client->request('POST','https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}
// ...
URL obj = new URL("https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main
import (
"bytes"
"net/http"
)
func main() {
headers := map[string][]string{
"Content-Type": []string{"application/x-www-form-urlencoded"},
"Accept": []string{"application/json"},
"Authorization": []string{"Bearer {access-token}"},
}
data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "https://authsandbox.dashsolutions.com/dashapiuat.onmicrosoft.com/B2C_1_signupandsignin/oauth2/v2.0/token", data)
req.Header = headers
client := &http.Client{}
resp, err := client.Do(req)
// ...
}
POST /B2C_1_signupandsignin/oauth2/v2.0/token
Generates Authorization token. The Authorization field in the Headers holds this token. For the other Dash API requests to succeed, this token is required. Users have to register with Dash to set up auth token generation.
Body parameter
grant_type: string
scope: string
client_id: string
client_secret: string
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | tokenRequest | true | Make an OAuth2 token request for authorization. May include the optional parameters mentioning the grant_type, scope, client_id, and client_secret. The token needs to be regenerated every 60 minutes. |
Example responses
200 Response
{
"access_token": "string",
"token_type": "string",
"not_before": 0,
"expires_in": 0,
"expires_on": 0,
"resource": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | An OAuth2 token is generated. Use this token to call other Dash APIs by including it in the Authorization Header field. | tokenResponse |
Schemas
tokenRequest
{
"grant_type": "string",
"scope": "string",
"client_id": "string",
"client_secret": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| grant_type | string | false | none | Specifies the permissions a user has based on the authorization token. Depending on the grant_type, the programs and sub programs are loaded. |
| scope | string | false | none | Defines the access to resources that the user has based on the authorization token and permissions |
| client_id | string | false | none | Unique reference id to identify users |
| client_secret | string | false | none | Unique reference id to identify a card |
tokenResponse
{
"access_token": "string",
"token_type": "string",
"not_before": 0,
"expires_in": 0,
"expires_on": 0,
"resource": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| access_token | string | false | none | OAuth2 authorization token |
| token_type | string | false | none | OAuth2 |
| not_before | number | false | none | Duration after which the token becomes invalid |
| expires_in | number | false | none | The OAuth2 authorization token has a lifetime of 60 minutes. The token expires in 60 minutes from the time of generation |
| expires_on | number | false | none | Duration at which the token is no longer valid |
| resource | string | false | none | API resources that the token can access |