Protected Resources

To maximize security of the protected resources, all resources in the Gifthub API are separated into two main categories based on their relation to each part of the system:

  • Strict: Includes all resources that change or show your financial state, such as

    • Order Creation and retrieval

    • Customer Information

  • Relaxed: Includes general services available to all customers, such as

    • Product List

    • Single product retrieval

You can access all relaxed resources with any JWT you generate using the /aut/jwt API, as long as it has not expired. To access the strict resources you must use the most recent JWT generated via the authentication API. Otherwise you'll get a 403 Unauthorized error.
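One way a server could enforce the two tiers described above, as an added example that is not Gifthub's own code. It assumes HS256-signed tokens carrying a `jti` claim and a server-side record of each customer's newest `jti`; the names `issue`, `check` and `latest_jti`, the secret and the result strings are all hypothetical.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HS256 with a server-side key
latest_jti = {}                      # assumption: newest token id per customer
_counter = 0

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue(customer: str, ttl: int = 300, now=None) -> str:
    """Mint a token and record it as the customer's latest one."""
    global _counter
    _counter += 1
    now = time.time() if now is None else now
    claims = {"sub": customer, "jti": str(_counter), "exp": now + ttl}
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    latest_jti[customer] = claims["jti"]  # every older token is now superseded
    return f"{head}.{body}.{_sign(head + '.' + body)}"

def check(token: str, strict: bool, now=None) -> str:
    """Return 'ok', 'invalid', 'expired' or 'superseded' for one request."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        # The algorithm is pinned server-side; the token header is never consulted.
        if not hmac.compare_digest(sig, _sign(head + "." + body)):
            return "invalid"
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return "invalid"
    if claims["exp"] <= now:
        return "expired"
    # Strict tier only: the token must be the newest one issued to this customer.
    # This is the case the page says is answered with a 403.
    if strict and latest_jti.get(claims["sub"]) != claims["jti"]:
        return "superseded"
    return "ok"
```

The practical consequence for clients is that requesting a new token from a second process or device silently revokes strict access for the first one, while its relaxed calls keep working until expiry.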

Testing access

Relaxed Resources

GET : /auth/status

Response


{
    "message": "No Message",
    "data": {
        "message": "🔓 You are in!"
    }
}

Strict Resources

GET : /auth/strict-status

Response


{
    "message": "No Message",
    "data": {
        "message": "🔓🔓 You are so in!"
    }
}
