Authentication and Authorization

Authentication

Before accessing Originate's API, you need to authenticate yourself.There are two ways to authenticate, depending on whether you are a lender or a customer.This section will guide you through the authentication and authorization process for both roles.

Authenticating as a customer

As a customer user, you can obtain your authentication token via customer creation or the customer login as can be seen below.

mutation ($input: AccountLoginInput!){
  login(input: $input) {
    token
  }
}

{
  "input": {
    "clientId": "YOUR_CLIENT_ID", // Required
    "email": "CUSTOMER_EMAIL", // Required
    "password": "CUSTOMER_PASSWORD", // Required
  }
}

{
  "token": "<TOKEN>"
}

Authenticating as a lender

As a lender user, more commonly referred to as client in the documentation, you can also obtain your authentication token via client login using the following mutation

As a lender user, also known as client in the documentation, you can obtain your authentication token via client login by performing the following modification.

b. Authorization:

Ensure your API key has the necessary permissions to perform the operations you intend to execute. Ensure that you pass your token in the Authorization Header.

Authorization: Bearer YOUR_AUTHENTICATION_TOKEN

Unique Client Identifiers

A clientId is a generated unique identifier for each client who has registered with Originate. It is used to identify the client performing the API call when making some API calls. To get the clientId, use the ClientInfo query as can be shown below.