eCert – eCertification Platform
This document is designed to give developers of third-party systems, instructions on how to manage eCert users through the User Authentication Service (UAS). The link to the UAS swagger page is as follows:
Please Note: This is the Live URL. There is no UAS on QA so any submission will be on the live database.
Refer to UAS How to Connect document.
Messages (data) are delivered via two response types namely XML and JSON. In order to receive data in a specific format, you need to specify the content type in the response header as such:
This section demonstrates some of the endpoints using a 3rd party tool, Swagger. This tool will help the user to get a feel of what the endpoint parameters look like as well as view the responses in different formats. Below are screenshots and tables to show how the request and responses look like for the different endpoints.
Used to register new users using the User Authentication Service
Request (xml, json):
Used to update existing user information using the User Authentication Service
Used to retrieve a registered user’s information from the User Authentication Service
Following are code snippet examples to illustrate how to call the UAS endpoints using AJAX on the Client side. The examples show how clients can specify which format they want to receive as a response between Json and XML.
The examples below show C# code snippets of how to register a user on UAS, as well as how to get UAS user information.
The method below shows how to register a new user on UAS by posting the user model (see endpoints section for object structure).
The method below shows how to get user information from UAS using the email parameter.
The following points explain, with code snippets and images, how to create a registration form in your own application and submit the user details to a central repository, the User Authentication Service User tables. In future we will refer to your application as MyApp.
The user completes the registration form (with UAS fields and application specific fields) in MyApp. The UAS specific fields are submitted to the UAS and on successfully registration a unique UASUserID is returned. This can then be stored in the MyApp user table along with any additional fields that were requested during registration that are specific to MyApp.
As shown in the picture below, the PhytClean user table only stores minimal user fields that are only relevant to PhytClean and the rest of the user information can be reference from UAS using the UASUserID.
The picture below shows the PhytClean registration page. The fields that are ticked are the ones that are stored in the User table in the User Authentication Service database. The rest of the fields are stored in the PhytClean user table including the UASUserID.
The UAS base URL is stored in config file – https://uas.ecert.co.za
The code snippet below shows the registration fields and validations.
Please note: For all code snippets below, the DTO objects store the responses returned from the relevant endpoints. For example: The RegisterDTO is an object that stores the response returned from the Register endpoint.
The code snippet below demonstrates the process of registering a user through the UAS. Once a user is successfully registered a confirmation email is sent to the email account entered and a response is sent back to PhytClean with user data which includes the UASUserID.
The user will have to click on the link provided in the confirmation email to verify that their email is valid.
Once the user has been successfully registered and they have confirmed their email, they can log into PhytClean or any of the UAS authenticated systems. The code snippet below shows the PhytClean code for logging in.
The code below details how to log the user out of the application.
If a user forgets their password, they can request for it to be reset. The code snippet below shows the PhytClean code that initiates the password reset on UAS.
All methods available on the swagger page use the same principle. As long as the user has a valid token you can POST/GET data from the database using an endpoint and the response can then be consumed as needed.