FAQ

How the authentication ID Token and Refresh Token work?

The ID Token is a JSON Web Token (JWT) that contains claims about the identity of the authenticated user such as name and email. The ID Token is used to authenticate users against DealerAlly resource servers.

To obtain an ID Token and Refresh Token you should call this endpoint: /v1/users/authenticate-user.

The ID Token expires one hour after the user authenticates. You should not process the ID token in your client or web API after it has expired.

You can use the refresh token to retrieve a new ID Token.

The Refresh Token is set to expire in one year.

PreviousChangeLog

Last updated 5 years ago