- Print
- DarkLight
Registration in the BusinessManager
The registration is handled in auth0. For the communication with it, you need to generate a token with your assigned M2M application and use https://promaterial.eu.auth0.com/api/v2/
as audience:
curl --request POST --url https://promaterial.eu.auth0.com/oauth/token --header 'content-type: application/json' --data '{"client_id": "<client id>","client_secret": "<client secret>","audience": "https://promaterial.eu.auth0.com/api/v2/","grant_type": "client_credentials"}'
For interactions with the BusinessManager, you need another token. Usually, you have to use the same client id and client secret, but another audience - http://bm.promaterial.com/api
:
curl --request POST --url https://promaterial.eu.auth0.com/oauth/token --header 'content-type: application/json' --data '{"client_id": "<client id>","client_secret": "<client secret>","audience": "http://bm.promaterial.com/api","grant_type": "client_credentials"}'
Before you perform the actual registration, you should ask for the users company, email and password. The email will be used as the username.
When the use enters a company, you should check, if we already have it in the database. For this purpose, we have this query in the BusinessManager:
query q1 {
companiesByName(name:"Knauf"){
content {
id
name
}
}
}
The user should chose one of the returned companies if there is a match. If not, you should ćreate a new one:
mutation m1 {
createCompany(company:{name:"My Company"}){
id
name
}
}
The mutation is a simple as this, no more parameters to pass.
Once the company is set, you have to send all the data (firstname, lastname, company, email password) to auth0 to register the user.
The API call is documented here: https://auth0.com/docs/api/management/v2#!/Users/post_users
The payload you have to send to this endpoint is this:
{
"connection": "BusinessManager",
"email": "<email of the user>",
"password": "<password of the user>",
"user_metadata": {
"company": "<id of the chosen or created company>"
}
}
After the user was added to auth0, he will get an email with a confirmation link. As long as the user has not confirmed the email address, he cannot log in.