Calling Order Service APIs with JWT authentication

You can call the Order Service APIs with JWT authentication.

Before you get started, ensure that JWT properties are set in Sterling Order Management System Software and Order Service.

And, ensure that the incoming HTTP/HTTPS request for API calls contain the request header as “Authorization”, scheme as “Bearer”, followed by JWT as illustrated.
Authorization=Bearer <Signed JSON web token>

Order Service verifies the token signature and expiration date. If the verification process is successful, a request is automatically forwarded to the corresponding API.

Sterling Order Management System Software supports (/jwt) rest endpoint using which you can obtain a JWT token. To obtain a JWT token, call <host:port>/smcfs/restapi/jwt and perform a GET request. A new JWT token is returned using which you can call Order Service APIs.

Note: There are many ways of obtaining the JWT token. One of the ways to obtain a JWT token is to call the Sterling Order Management System Software login API. Then, pass the user token and login ID as parameters to <host:port>/smcfs/restapi/jwt.