Token‐based login for partner integrations - cakemail/cakemail-app-doc GitHub Wiki

Token-Based Login System for Partner Integrations

1. Create Login Token

Endpoint Description

This endpoint creates a nonce token that initiates a login session against the application. The created token is used in a subsequent call to retrieve the login session for a specific sub-account. This call must be made by a backend server because it uses a partner API token that must be kept secret.

Request

  • Method: POST
  • URL: https://app.cakemail.com/api/createLoginToken
  • Headers:
    • Authorization: Cakemail API Bearer token. This should be the API token of the Partner account.
  • JSON Body:
    • accountId: The sub-account ID.
    • email: The email address of the user account for which the token is being created.

Response

The response contains the created nonce token, which is used in the subsequent step to retrieve the login session. The token must be consumed within the next 30 seconds.

Example Response:

{
  "token": "generatedLoginToken123"
}

2. Consume Login Token

Endpoint Description

This endpoint consumes the login token generated in the previous step. It returns a cookie that is used in subsequent calls to the application for a logged-in session. Upon successful consumption, the endpoint redirects to the /#dashboard route. This call should be made by the end-user's browser, not the backend server.

Request

  • Method: GET
  • URL: https://app.cakemail.com/api/consumeLoginToken/:loginToken
    • Replace :loginToken with the actual login token obtained from the previous step.

Response

Upon successful consumption of the login token, the response will include the Cookie information. The user is then redirected to the application's dashboard.

Redirect

Upon successful consumption, the endpoint automatically redirects to the /#dashboard route.

The obtained Cookie will automatically be used by the browser to maintain a logged-in session to the application.
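
The two steps combined on the partner backend, as an added example that is not part of the Cakemail documentation: the server creates the token with the secret partner API token, then hands the browser only a redirect to the consume URL. The function names, the injected send callable and the "Bearer <token>" header layout are assumptions made for this sketch.

```python
import json
import time
import urllib.parse
import urllib.request

BASE = "https://app.cakemail.com/api"
TOKEN_TTL_SECONDS = 30  # from the page: the token must be consumed within 30 seconds


def build_create_request(partner_token, account_id, email):
    """Build (without sending) the backend-only createLoginToken call."""
    body = json.dumps({"accountId": account_id, "email": email}).encode()
    return urllib.request.Request(
        f"{BASE}/createLoginToken",
        data=body,
        method="POST",
        headers={
            # Assumption: the partner API token is sent as "Bearer <token>".
            "Authorization": f"Bearer {partner_token}",
            "Content-Type": "application/json",
        },
    )


def consume_url(response_body, issued_at, now=None):
    """Turn the createLoginToken response into the URL the browser must GET."""
    now = time.monotonic() if now is None else now
    data = json.loads(response_body)
    token = data.get("token") if isinstance(data, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("response carries no login token")
    if now - issued_at >= TOKEN_TTL_SECONDS:
        raise TimeoutError("login token older than 30 seconds; create a new one")
    # Percent-encode so the token cannot alter the path or add a query string.
    return f"{BASE}/consumeLoginToken/{urllib.parse.quote(token, safe='')}"


def login_redirect(partner_token, account_id, email, send):
    """Return (status, headers) that the backend sends to the end-user's browser."""
    # `send` is a hypothetical callable: takes a Request, returns the response body.
    issued_at = time.monotonic()  # clock starts before the call, so the check is conservative
    body = send(build_create_request(partner_token, account_id, email))
    location = consume_url(body, issued_at)
    # Only the short-lived nonce reaches the browser; the partner token never does.
    return 302, {"Location": location, "Cache-Control": "no-store"}
```

In production, send would wrap urllib.request.urlopen with a timeout well under 30 seconds, and the token-bearing URL should be kept out of application logs.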