Account Delta
Account service for users of Fotbollskanalen, TV4 and C More.
Usage ¶
A client communicates with BB Services authenticated by a BB Token. The Vimond User Token should only be retrieved by services communicating directly with Vimond on the users behalf.
BB Token
The BB Token is in the form of a JWT and should be applied to Account and other authenticated BB services. It is usually applied through the Authorization
header.
A BB Token has an expiry time of one year after its creation.
Example contents of a JWT contents:
{
"exp": 1473083184,
"iat": 1473072384,
"iss": "Account Prod",
"uid": "123455",
"session_id": "2f74a72a-0304-4ed3-b4b4-e9a9709f9e82"
}
-
exp Expiry time of the token
-
iat Time of issuing the token
-
iss Issuer of the token
-
uid Id of the user the token was issued to
-
session_id Internal id of the session
Get BB Token
-
Option 1 Login through the
login
mutation with username and password to get a BB Token. Suitable for most cases, eg. desktop and mobile. -
Option 2 Login through the Activation code service to get a BB Token. Suitable for clients where keyboard input is hard, eg. televisions and set top boxes with remote control as primary input device.
Use BB Token
-
Add BB Token to requests that need to be authenticated through the
Authorization
header. -
If Account returns an authentication error the BB Token has expired and the user needs to login to get a new BB Token.
Example of authentication error:
{
"data": {"me": {"session": null}},
"errors": [
{
"code": 15,
"locations": [{"column": 0, "line": 3}],
"message": "Authentication required",
"path": ["me", "session"],
"source_errors": ["Authentication required"],
"type": "invalid_session"
}
]
}
Validate BB Token
Use the me
query authorized with the token you want to validate and only request session data. This will check if the session_id in the token is still active and not logged out without making extra requests to Vimond.
API ¶
The endpoint is /api.
Required parameter is client
.
See GraphiQL for documentation. (This link points to the stage environment.)
Errors ¶
Resource ¶
Headers
Content-Type: application/json
Body
{
"data": {
"create": null
},
"errors": [
{
"code": 2,
"locations": [
{
"column": 0,
"line": 2
}
],
"message": "Please enter a valid email",
"path": [
"create"
],
"source_errors": [
"Password length should be minimum 4",
"User Name length should be minimum 4",
"Please enter a valid email"
],
"type": "email_invalid"
}
]
}
Headers
Content-Type: application/json
Body
{
"data": {
"login": null
},
"errors": [
{
"code": 10,
"locations": [
{
"column": 0,
"line": 2
}
],
"message": "Wrong username or password",
"path": [
"login"
],
"source_errors": [
"Incorrect username or password"
],
"type": "invalid_credentials"
}
]
}
Headers
Content-Type: application/json
Body
{
"data": {
"userExists": null
},
"errors": [
{
"code": 21,
"locations": [
{
"column": 0,
"line": 2
}
],
"message": "User not found",
"path": [
"userExists"
],
"source_errors": [
"User not found"
],
"type": "user_not_found"
}
]
}
POST/<account_endpoint>
code | type | message | retry? | notes |
---|---|---|---|---|
0 | generic | “Generic error” | no | In most cases validation errors. Consult the source_errors field for debugging. |
1 | email_already_in_use | “The email is already in use” | no | |
2 | email_invalid | “Please enter a valid email” | no | Validation error |
3 | password_too_short | “Password does not meet the minimum length requirement of 8” | no | Validation error |
4 (Deprecated) | ||||
5 | client_missing | “Missing client parameter” | no | |
6 (Deprecated) | ||||
7 | zip_code_invalid | “Invalid zip code” | no | Validation error |
8 | bad_vimond_response | “Could not parse Vimond response” | yes | |
9 (Deprecated) | ||||
10 | invalid_credentials | “Wrong username or password” | no | |
11 | http_error | “HTTP error” | yes | |
12 | service_outage | “Service outage in underlying system” | yes | Service outage detected in Vimond. |
13 (Deprecated) | ||||
14 | invalid_bb_session_token | “Invalid BB session token” | no | Invalid token, throw it away and login! |
15 | invalid_session | “Authentication required” | no | Invalid token, throw it away and login! |
16 | session_not_found | “Session not found” | no | Invalid token, throw it away and login! |
17 | user_creation_failed | “User creation failed due to validation failure” | no | |
18 | username_already_in_use | “The username is already in use” | no | |
19 (Deprecated) | ||||
20 | mismatching_passwords | “Mismatching passwords” | no | Validation error |
21 | user_not_found | “User not found” | no | |
22 | client_unauthorized | “Client unauthorized” | no | |
23 | password_reset_token_already_used | “Password reset token has already been used” | no | Validation error |
28 | no_entitlements_found | “No entitlements found” | no | Used for Telia users |
Generated by aglio on 15 May 2023