Authentication
User Types
There are two types of users of the Kynd API:
Users: The Kynd web application uses the Kynd API to authenticate end users such as business owners, allowing them to log into and interact with the product.
Distributors: Distributors access the Kynd Web Application either directly from their back office or from the back end systems that power their products.
Token Retrieval
The Kynd API will use a token-based authentication mechanism (full details TBC). Both types of users retrieve a token with the same mechanism:
TODO: fill this in with a diagram once David has written the authentication flow
Authenticating requests using Token
Once the system accessing the API has its token, it includes the token in an Authorization HTTP header in order to authenticate requests to the API.
Some endpoints are available only to Distributors (e.g. listing all users in the platform which relate to that distributor) but most are available to both Users and Distributors and most relate to a specific user.
In order for a distributor to access an endpoint which relates to a specific user, it can add an additional x-user HTTP header to "impersonate" that user. See examples below:
Users:
GET https://api.kynd.io/domainrisk/
Authorization: bearer <token>
Distributors:
Useful for accessing endpoints accessible only by distributors, such as listing the number of users which relate to that distributor.
GET https://api.kynd.io/users/
Authorization: bearer <token>
Distributors impersonating Users
GET https://api.kynd.io/domainrisk/
Authorization: bearer <token>
x-user: <user_id>
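Because x-user changes whose data a request touches, the server has to decide when to honour it. The sketch below is an added example, not Kynd's implementation: the token table, the distributor-to-user mapping, and the rules that user tokens may not send x-user and that a distributor may only impersonate users related to it are all assumptions.

```python
# Added example with constructed sample data; not Kynd's own code.
TOKENS = {  # token -> (principal kind, principal id); constructed values
    "tok-user-1": ("user", "u1"),
    "tok-dist-A": ("distributor", "dA"),
}
# Users related to each distributor (assumed data model).
DISTRIBUTOR_USERS = {"dA": {"u1", "u2"}}


class AuthError(Exception):
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


def resolve_principal(headers):
    """Return (kind, principal_id, effective_user_id) or raise AuthError."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {k.lower(): v.strip() for k, v in headers.items()}
    scheme, _, token = h.get("authorization", "").partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or token not in TOKENS:
        raise AuthError(401, "missing or invalid bearer token")
    kind, pid = TOKENS[token]
    target = h.get("x-user")
    if kind == "user":
        # A user token must never switch identity through x-user.
        if target is not None:
            raise AuthError(403, "x-user not permitted for user tokens")
        return kind, pid, pid
    if target is None:
        return kind, pid, None  # distributor acting as itself
    # Impersonation is limited to users related to this distributor.
    if target not in DISTRIBUTOR_USERS.get(pid, set()):
        raise AuthError(403, "user does not relate to this distributor")
    return kind, pid, target
```

Endpoint handlers would then scope every query to the returned effective user id rather than reading x-user themselves.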