Auth

Create a short-lived token

Security: oauth2 or bearerAuth or apiKeyHeader
Request
Request Body schema: application/json
required
permissions
Array of strings

List of permissions that the short-lived token can have. These can only be permissions that are already given to the calling user.

Responses
200

JWT token

POST /auth/token/short-lived
Request samples
application/json
{
  "permissions": [ ]
}
Response samples
application/json
{
  "token": "string"
}
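
A client-side guard for the permissions rule above, as an added example (not part of the Peach API documentation): it refuses to request a permission the caller does not hold and builds the POST /auth/token/short-lived request for the smallest set needed. The base URL, the permission names, the flat-list shape of the caller's permissions, and the use of a standard `Authorization: Bearer` header for bearerAuth are assumptions.

```python
import json
import urllib.request

# Placeholder host: the page documents only the path, not the API base URL.
BASE_URL = "https://api.example.invalid"


def scope_down(granted, wanted):
    """Return the sorted, de-duplicated permissions to request, or raise."""
    wanted = list(wanted)
    if not wanted:
        raise ValueError("refusing to request a token with no explicit permissions")
    if any(not isinstance(p, str) or not p for p in wanted):
        raise ValueError("permissions must be non-empty strings")
    # The API only allows permissions the caller already has; fail locally
    # and name the excess entries so the mistake shows up before the call.
    excess = sorted(set(wanted) - set(granted))
    if excess:
        raise PermissionError("not held by caller: " + ", ".join(excess))
    return sorted(set(wanted))


def build_short_lived_token_request(bearer_token, granted, wanted):
    """Build (but do not send) the request for a narrowly scoped token."""
    body = json.dumps({"permissions": scope_down(granted, wanted)})
    return urllib.request.Request(
        BASE_URL + "/auth/token/short-lived",
        data=body.encode("utf-8"),
        method="POST",
        headers={
            "Authorization": "Bearer " + bearer_token,  # assumed bearerAuth form
            "Content-Type": "application/json",
        },
    )


def extract_token(response_body):
    """Pull the JWT out of the documented {"token": "..."} response."""
    doc = json.loads(response_body)
    token = doc.get("token") if isinstance(doc, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("response does not carry a token string")
    return token


if __name__ == "__main__":
    held = ["loans:read", "loans:write", "payments:read"]  # constructed names
    req = build_short_lived_token_request("CALLER_JWT", held, ["payments:read"])
    print(req.get_method(), req.full_url, req.data.decode())
```

Pass the returned request to `urllib.request.urlopen` to send it, then hand the response body to `extract_token`.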

Exchange username and password for JWT token

Request
query Parameters
companyId
string >= 1

The unique company identifier.

domain
string

A valid domain associated with a company

userType
string

User type.

authType
string (AuthType)

The authentication type to explicitly use

Enum: "basic" "google" "oneTimeCodeEmail" "oneTimeCodeText" "SAML"
authValueType
string (AuthValueType)

The authentication value type to explicitly use

Enum: "email" "username" "phone" "samlSubjectNameId"
Request Body schema: application/json
required
Any of:
username
string

The username to authenticate. This can be a username or an email, depending on the configuration.

password
string <password>

The password to authenticate with.

Responses
200

JWT token

POST /auth/token
Request samples
application/json
{
  "exchangeToken": "string"
}
Response samples
application/json
{
  "token": "string"
}

Exchange current token for a new one

Security: oauth2 or bearerAuth
Responses
200

JWT token

PUT /auth/token
Response samples
application/json
{
  "token": "string"
}

End login session, invalidating current login token.

Security: oauth2 or bearerAuth
Responses
200

Success

DELETE /auth/token
Response samples
application/json
{
  "status": 0,
  "message": "string"
}

Change password

Security: oauth2 or bearerAuth or apiKeyHeader
Request
Request Body schema: application/json
required
Any of:
username
string

The username to authenticate. This can be a username or an email, depending on the configuration.

password
string <password>

The password to authenticate with.

Responses
200

Success

POST /auth/password
Request samples
application/json
{
  "exchangeToken": "string"
}
Response samples
application/json
{
  "status": 0,
  "message": "string"
}

Get all permissions for the requesting user

Security: oauth2 or bearerAuth or apiKeyHeader
Responses
200

Success

GET /auth/permissions
Response samples
application/json
{
  "status": 200,
  "message": "success",
  "data": { }
}

Get logged-in user's info.

Security: oauth2 or bearerAuth or apiKeyHeader
Responses
200

Success

GET /auth/user
Response samples
application/json
{
  "data": { }
}

Takes a user ID and returns a temporary token that can be exchanged for a real auth token.

Security: oauth2 or bearerAuth or apiKeyHeader
Request
Request Body schema: application/json
required
userId
required
string (AnyId) ^ext-|^[A-Z][A-Z0-9]-[A-Z0-9]+-[A-Z0-9]+|^\d+...

Peach's unique or lender's external identifier.

Responses
200

Success

POST /auth/exchange-token
Request samples
application/json
{
  "userId": "string"
}
Response samples
application/json
{
  "data": { }
}

Send one time code.

Request
path Parameters
companyId
required
string

The unique company identifier.

Request Body schema: application/json
required
username
required
string

Either an email address or phone number depending on the auth type and auth value type set up for the company.

userType
string (UserType)

The type of the user.

Enum: "agent" "borrower" "service"
channel
required
string or null (InteractionChannel)

The channel where interactions with a borrower occur. For example, an outbound call with a borrower is considered voice.

Enum: "voice" "email" "fax" "text" "chat" "mail" "gui" "document"
context
object

Template specific properties to substitute in the corresponding ConfirmationCode template.

force
boolean
Default: false

Force using the auth type of the user and not the company

Responses
202

OK

POST /companies/{companyId}/auth/send-one-time-code
Request samples
application/json
{
  "username": "string",
  "userType": "agent",
  "channel": "voice",
  "context": { },
  "force": false
}

SAML callback endpoint

Request
path Parameters
companyId
required
string

The unique company identifier.

query Parameters
userType
string

User type.

appDomainType
string (AppDomainType)

App Domain Type.

Enum: "borrower" "agent" "help" "admin"
Request Body schema: application/x-www-form-urlencoded
required
SAMLResponse
required
string
RelayState
string
Responses
200

Success

POST /companies/{companyId}/auth/saml/callback
Request samples
application/x-www-form-urlencoded
SAMLResponse=string&RelayState=string

Redirect to the SAML login endpoint

Request
path Parameters
companyId
required
string

The unique company identifier.

query Parameters
userType
string

User type.

appDomainType
string (AppDomainType)

App Domain Type.

Enum: "borrower" "agent" "help" "admin"
returnUrl
boolean
Default: false

If true, will return a URL to the login instead of redirecting to the login

Responses
200

Success

GET /companies/{companyId}/auth/saml/login

Display Peach SP Metadata

Peach acts as the service provider

Request
path Parameters
companyId
required
string

The unique company identifier.

query Parameters
userType
string

User type.

appDomainType
string (AppDomainType)

App Domain Type.

Enum: "borrower" "agent" "help" "admin"
Responses
200

Success

GET /companies/{companyId}/auth/saml/metadata.xml

Display IdP setup help

Request
path Parameters
companyId
required
string

The unique company identifier.

query Parameters
userType
string

User type.

appDomainType
string (AppDomainType)

App Domain Type.

Enum: "borrower" "agent" "help" "admin"
Responses
200

Success

GET /companies/{companyId}/auth/saml/help