Generating the JWT Access Token

To ensure secure access and personalized data submission and display, a JWT token is generated that contains essential information, like ConfigurationID and UserID. To obtain a JWT token, execute a direct call to the dedicated API endpoint /authenticate, providing the following parameters:

  • userId: A unique identifier owned by the customer, such as an email address, login, or a set of symbols, ensuring uniqueness.
  • pacUuid: The Configuration ID for which access is requested.
  • userPublicName: An optional parameter for displaying a human-readable username in the Preference app, useful when the UserID is not human-readable.
  • userEmail: An optional parameter to support transactional emails for users who do not use an email address as the UserID (i.e. in the case of Double-opt-In).

The ConfigurationID can be found in the Admin Interface, either on the page listing the Configurations or when viewing the structure of a specific Widget:

Configurations list

Widget structure view displaying identifiers of all key elements: Configuration, Widget, Topics, and Options

Example:

curl -X POST \
  'https://preference-api.preference-management.usercentrics.eu/public/authenticate' \
  -H 'accept: application/json' \
  -H 'X-API-KEY: 7b931a0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxa0d1' \
  -H 'Content-Type: application/json' \
  -d '{
    "pacUuid": "1234abcd-22bb-33cc-44dd-12345678abcd",
    "userId": "user@company.com",
    "userPublicName": "Test User",
    "userEmail": "user@email.com"
  }'

Response:

If the call is successful, it will return the token, which should be included as the Authorization header (format = Bearer {{ token }}) in subsequent calls to the platform API.

{
  "token": "eyJhbG...erJY"
}

Please note that the token is valid for a period of 8 hours, so it can be reused during the session without the need to request a new one.

It is strongly recommended to perform such a call on a backend, since the API Key is sensitive information and can be used to access the whole set of preference data the Key owner has access to.
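
An added example (not Usercentrics code) of the backend pattern recommended above: the API key stays on the server, and each user's token is cached and reused within the 8-hour validity window. The environment variable name, the five-minute refresh margin, and the class and function names are assumptions made for this example.

```python
import json
import os
import time
import urllib.request

AUTH_URL = ("https://preference-api.preference-management.usercentrics.eu"
            "/public/authenticate")
TOKEN_TTL = 8 * 3600     # token validity stated in this documentation
REFRESH_MARGIN = 300     # assumption: renew five minutes before expiry

def http_post(url, headers, body):
    """POST a JSON body and return the decoded JSON response."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenBroker:
    """Holds the API key server-side and caches one JWT per user."""

    def __init__(self, api_key, post=http_post, clock=time.time):
        if not api_key:
            raise ValueError("API key is not configured")
        self._api_key, self._post, self._clock = api_key, post, clock
        self._cache = {}   # (pacUuid, userId) -> (token, refresh_at)

    def token_for(self, pac_uuid, user_id, public_name=None, email=None):
        # user_id must come from your own authenticated session, never from
        # a browser-supplied field, or one user could request another's token.
        now = self._clock()
        cached = self._cache.get((pac_uuid, user_id))
        if cached and cached[1] > now:
            return cached[0]
        body = {"pacUuid": pac_uuid, "userId": user_id}
        if public_name:
            body["userPublicName"] = public_name
        if email:
            body["userEmail"] = email
        headers = {"accept": "application/json",
                   "Content-Type": "application/json",
                   "X-API-KEY": self._api_key}
        token = self._post(AUTH_URL, headers, body)["token"]
        self._cache[(pac_uuid, user_id)] = (token, now + TOKEN_TTL - REFRESH_MARGIN)
        return token

def broker_from_env():
    # UC_PREFERENCE_API_KEY is a hypothetical variable name for this example.
    return TokenBroker(os.environ.get("UC_PREFERENCE_API_KEY", ""))
```

The frontend then receives only the token from your own backend endpoint and never sees the X-API-KEY value.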

For full reference to the endpoints and their parameters, responses, and error codes returned, check our Swagger documentation: https://preference-api.preference-management.usercentrics.eu/public-api-doc#/Authentication/PublicApiController_authenticate