Authentication

This page describes the authentication methods used by White Label Loyalty (WLL) services:

"Admin Authentication" — a WLL-issued administrator token.
"Tenant Authentication" — a token typically issued by your system for end users.

In this guide, Admin Authentication refers to a WLL-issued admin token and Tenant Authentication refers to a token issued for an end user to use.

Admin authentication is provided via the AdminAuthProvider.

import { AdminAuthProvider } from '@wll-sdk/api';

Example: initializing the WLL Rewards SDK with an AdminAuthProvider

admin.ts

import { WLLRewardsSdk, AdminAuthProvider } from '@wll-sdk/api';

new WLLRewardsSdk({
  apiKey: '<your-api-key>',
  authProvider: new AdminAuthProvider({
    clientId: '<your-client-id>',
    clientSecret: '<your-client-secret>',
  }),
  baseUrl: 'https://api.rewards.wlloyalty.net/v1',
});

The AdminAuthProvider will automatically extract which region you are using from the baseUrl and attempt to authenticate. Current regions supported by the SDK:

AdminAuthConfig Reference

Property

type

Required?

clientId

string

clientSecret

string

grantType

string?

audience

string?

scope

string?

Tenant authentication is provided via the StaticAuthProvider.

import { StaticAuthProvider } from '@wll-sdk/api';

The StaticAuthProvider is a simple implementation of AuthProvider that takes a token in its constructor and always returns that token. It is useful for tenant authentication after completing your authentication flow, or for admin authentication if you store an admin token.

Example: initializing the WLL Rewards SDK with a StaticAuthProvider

tenant.ts

import { WLLRewardsSdk, StaticAuthProvider } from '@wll-sdk/api';

async function tenantTokenFlow(): Promise<string> {
  // Your implementation.
}

const token = await tenantTokenFlow();

new WLLRewardsSdk({
  apiKey: '<your-api-key>',
  authProvider: new StaticAuthProvider({
    token,
  }),
  baseUrl: 'https://api.rewards.wlloyalty.net/v1',
});

StaticAuthConfig Reference

Property

type

Required?

token

string

If needed, implement your own AuthProvider. The abstract class AuthProvider is exported by the SDK. Implementing it lets you pass a custom provider to the SDK (for example, fetching a token from a remote cache).

Abstract method signature:

abstract class AuthProvider {
  public abstract getToken(region: Region): Promise<string>;
}

Example: minimal custom auth provider

remote-auth-provider.ts

import { WLLRewardsSdk, AuthProvider } from '@wll-sdk/api';
import { fetchRemoteToken } from '../path/to/fetchRemoteToken';

class RemoteAuthProvider implements AuthProvider {
  public async getToken(region: any): Promise<string> {
    const token = await fetchRemoteToken();
    return token;
  }
}

new WLLRewardsSdk({
  apiKey: '<your-api-key>',
  authProvider: new RemoteAuthProvider(),
  baseUrl: 'https://api.rewards.wlloyalty.net/v1',
});

PreviousUsage NextWebhooks

Last updated 2 months ago