📄️ Introduction
The unico OAuth2 authentication system supports the server-to-server interaction between a web application and the unico services. In this scenario, you will need a service account, which is an impersonal account that belongs to your application and not an individual user. Unico APIs are called by your application through the service account, so users are not directly involved. This scenario is called “two-legged OAuth”, or “2LO”. The service account is used by the application when working with its own data through the unico APIs.
📄️ Creating a Service Account
To use server-to-server interactions, you must request the creation of a service account with the project manager responsible for your company, sending the following data: company name, application name, name, e-mail and cell phone of the person responsible for the application in the company. It is necessary to create different accounts for the Approval and Production environments.
📄️ Preparing to make an authenticated API request
After creating and configuring a service account, your application needs to complete the following steps:
📄️ Postman Request
Download the file. Import into Postman and replace the value of the "assertion" parameter with the signed JWT to test the call.
📄️ Javascript example
📄️ Erros de autenticação
Os erros retornados na requisição podem ser identificados através dos códigos abaixo e possuem a seguinte estrutura:
📄️ FAQ
É possível fazer uma requisição com os valores do “iat” e “exp” sendo os mesmos?