Authentication
Actions carried out via the Service API must always be made as an authenticated User. By default, this is the User mapped to the API key. Once you have set up the container with your key, the Service API client will ensure the key is used in all requests to the API.
After this initial authentication is done, you can optionally authenticate as another User and make subsequent requests on their behalf using one of the methods below.
Note: Check User permissions
All requests made through the Service API will be restricted by the permissions of the authenticated User's Role in CXM. Make sure your User has the right permissions for the actions you want to use.
Authenticate with OAuth token
If you have authenticated a User with CXM via OAuth, you can make all requests to the Service API as that user. There is no need to authenticate the User again, simply add their access token to the Service API client:
<?php
/** @var \Jadu\Quantum\ServiceApiClient\ServiceApiClient */
$client = $container->get('quantum_service_api_client.service_api_client');
// Set the OAuth token on the client
$client->setAccessToken($oAuthToken);
Authenticate with credentials
If you are not able to use OAuth, you can instead send a username and password to the Service API to authenticate a user.
<?php
/** @var \Jadu\Quantum\ServiceApiClient\Manager\AuthenticationManager */
$authenticationManager = $container->get('quantum_service_api_client.manager.authentication');
try {
$userToken = $authenticationManager->signIn($username, $password);
} catch (\Jadu\Quantum\ServiceApiClient\Exception\UnauthorizedException $e) {
// sign-in failed
}
If successful, you will be given a User token. Add the token to the Service API client and it will then be used for all API requests.
<?php
/** @var \Jadu\Quantum\ServiceApiClient\ServiceApiClient */
$client = $container->get('quantum_service_api_client.service_api_client');
// Set the User token on the client
$client->setUserToken($userToken);