Footer Section
Explore
Adobe Sign ServicesAdvantage Platform AdministrationApprovals for Advantage PlatformApprovals for SalesforceBilling for Advantage PlatformBilling for SalesforceCLM for Advantage PlatformCLM for SalesforceContracts for SalesforceCollaborateComposer for Advantage PlatformComposer for SalesforceContractsConga for Google DocsConga Upgrade ProgramContract Intelligence (Standalone)Conga CopilotCPQ for Advantage PlatformCPQ for SalesforceDeal MaximizerDigital Commerce for Advantage PlatformDigital Commerce for SalesforceDiscovery AI for Advantage PlatformDiscovery AI for SalesforceDocusign ServiceseSignature Integration with Advantage PlatformGridInvoice GenerationMix FormsOrchestrateOrder Management for Advantage PlatformOrder Management for SalesforcePartner Commerce for Advantage PlatformPartner Commerce for SalesforceQuote GenerationSign for Advantage PlatformSign for SalesforceSmart SearchTest AuthorTurboEnginesX-Author for Contracts 1.0 (Classic)X-Author for ContractsX-Author for Contracts Advanced for Advantage PlatformX-Author for Contracts Advanced for SalesforceX-Author for ExcelX-Author for Migration Manager for Advantage PlatformX-Author for Migration ManagerRelease NotesGeneral
Get Access Token
post
/user/token
The /users/token endpoint must be used to obtain an access token for the current user. The body must contain the base64 data of the encrypted client credentials using the key obtained from the /users/key endpoint.
Content-Type
stringContent type of the request body.
Example:
application/json
x-storefront
stringThe name of the storefront used for the request.
Example:
ECommerce
In order to obtain a temporary encryption key, a callout must be made to the /users/key endpoint that returns a 64-bit hexadecimal key similar to the following:
9d035a21deee3664ca5f7b8810c4251237774a6f01140d98fdadb6d214bcd3b7
Once a key has been obtained, you can use the encryption library of your choice to encrypt the request body with the AES-CBC algorithm.
- Before base64 encoding the encrypted data, make sure the initialization vector used is prepended.
The result of the encryption should look similar in structure to:
047v2MG4m5cxkqwIXN1po0Q8p5PTpRlm9hlTlC89jPOpjkGlL3wZ732XDPveJLUWYkrJRnzt5M2bh+IZhIn4r+BmI21xPNQCESWZMSwOPn0=
This base64 string is used as the body of the request sent to the /users/token endpoint. Below are a couple of example using popular JavaScript frameworks:
// First obtain a key by making an API call to /users/key
const key = "9d035a21deee3664ca5f7b8810c4251237774a6f01140d98fdadb6d214bcd3b7";
// Initialization Vector for CBC algorithm
const iv = window.crypto.getRandomValues(new Uint8Array(16));
// Raw customer credential data
const clientCredentials = {
"username" : "customer@myshop.community.com",
"password" : "strongpassword"
}
// Supporting function to convert the hex key into an ArrayBuffer object
const hexToArrayBuffer = (hex) => {
var typedArray = new Uint8Array(hex.match(/[\da-f]{2}/gi).map(function (h) {
return parseInt(h, 16)
}));
return typedArray.buffer;
}
// Supporting function converts a string into an ArrayBuffer
const getUtf8Bytes = (str) =>
new Uint8Array(
[...unescape(encodeURIComponent(str))].map(c => c.charCodeAt(0))
);
crypto.subtle.importKey(
"raw",
hexToArrayBuffer(key),
{ //this is the algorithm options
name: "AES-CBC"
},
false, //whether the key is extractable (i.e. can be used in exportKey)
["encrypt", "decrypt"] // key can be used for encryption and decryption
)
.then((key) => {
return crypto.subtle.encrypt(
{
name: "AES-CBC",
//Don't re-use initialization vectors!
//Always generate a new iv every time your encrypt!
iv: iv,
length: 256
},
key, // CryptoKey object generated from hex key
getUtf8Bytes(JSON.stringify(clientCredentials)) // ArrayBuffer of client credentials
)
})
.then((encrypted) => {
// The result from the promise will contain encrypted customer credentials.
// In order to decrypt the request, the IV used must be prepended to the body
const requestData = btoa(String.fromCharCode(...iv) + String.fromCharCode(...new Uint8Array(encrypted)));
console.log(requestData);
// The request data can then be sent to the token endpoint in order to obtain an access token
});
// First obtain a key by making an API call to /users/key
const key = CryptoJS.enc.Hex.parse("9d035a21deee3664ca5f7b8810c4251237774a6f01140d98fdadb6d214bcd3b7");
// Initialization Vector for CBC algorithm
const iv = CryptoJS.lib.WordArray.random(128/8);
// Raw customer credential data
const clientCredentials = {
"username" : "customer@myshop.community.com",
"password" : "strongpassword"
}
const encrypted = CryptoJS.AES.encrypt(JSON.stringify(clientCredentials), key, {
iv: iv,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
// The unencoded data sent to the server must contain the Initialization Vector prepended to the encrypted credentials
const result = btoa(atob(iv.toString(CryptoJS.enc.Base64)) + atob(encrypted.ciphertext.toString(CryptoJS.enc.Base64)));
username
stringpassword
stringUsername
:Password
:::
curl --request POST \--url https://documentation.conga.com/user/token \--header 'Accept: application/json' \--header 'Authorization: Basic 123' \--header 'Content-Type: application/json' \--header 'x-storefront: ' \--data '{"username": "sample@example.com","password": "pswd"}'
1{2"title": "success",3"status": 200,4"data": {5"userId": "0050f000008nTccAAE",6"accessToken": "00DG0000000iqtB!ARUAQHofFrVurFKWS8TcFKmhFM1yiA1VBzEVVAOXDB.5r_rlpxXuj53RnqfY2QKUgsL3N.ge5kmSPN5UcHK9iHckog6eTw.4"7}8}
chevron_right