Calling Order Service APIs with JWT authentication

You can call the Order Service APIs with JWT authentication.

Before you get started, ensure that JWT properties are set in Sterling™ Order Management System Software and Order Service.

And, ensure that the incoming HTTP/HTTPS request for API calls contain the request header as “Authorization”, scheme as “Bearer”, followed by JWT as illustrated.
Authorization=Bearer <Signed JSON web token>

Order Service verifies the token signature and expiration date. If the verification process is successful, a request is automatically forwarded to the corresponding API.

Sterling Order Management System Software supports (/jwt) rest endpoint using which you can obtain a JWT token. To obtain a JWT token, call <host:port>/smcfs/restapi/jwt and perform a GET request. A new JWT token is returned using which you can call Order Service APIs.

Note: There are many ways of obtaining the JWT token. One of the ways to obtain a JWT token is to call the Sterling Order Management System Software login API. Then, pass the user token and login ID as parameters to <host:port>/smcfs/restapi/jwt.