authenticate_user (POST)

Purpose

Authenticate the user in a credentials-based service required by the application.


Input parameters

  • data: A JSON object with the following format:
    {
      "user_id":"Zaplod",
      "password":"XurgluZ34!",
    }
    

    Output data

    A JSON object with this format:

    {
      "valid_credentials":"true",
      "user_id":"me",
      "auth_data_to_save":"..."
    }
    

    • valid_credentials: True if the supplied credentials are valid (the user exists and has the specified password). If false, the rest of the JSON object is ignored by Botize.
    • user_id: A human-readable identifier for the user that has been authenticated. It may be the same value specified in the element of the same name in the input data, or a different value. This value must be unique within the service that has performed the authentication.
    • auth_data_to_save: Any authentication information associated to the authenticated user that the application functions need to work. This data will be passed to the application functions as part of the input data (in the in the authentication/auth_save_data element) when invoked via the process_trigger and do_action commands.

    Notes

    This command is invoked by Botize only when the user authentication mode for the application, as specified in the user_auth_mode element of the data returned by the get_app_info command, is “credentials”.

    Botize allows the user to authenticate multiple times for the same task; authentication is performed separately for the trigger and the action but both must use the same authentication type and the same authentication service. If more than one authentication has been performed for the same task, the user can select which credentials to use from two lists (one for the trigger and one for the action) available in the task configuration page. The account names displayed in this list are the values returned in the user_id element by this command.

    Note that the username and password are transmitted in plain text, therefore it is strongly recommended to use HTTPS for the application entry point if this authentication method is used.

    See the User Authentication section for more details.