Base URL and authentication details

Base URL

https://api.mrkter.io/api/v1

To use the API, include the following headers:

Authorization: Bearer <token>
x-account-id: <accountId>
x-session-id: <sessionId>

To obtain a <token>, send your login and password to the following endpoint:

POST https://login.dev.mrkter.io/oauth/token

Content-Type: application/x-www-form-urlencoded

Example request:

curl --request POST \
     --url https://login.dev.mrkter.io/oauth/token \
     --header 'accept: application/json' \
     --header 'content-type: application/x-www-form-urlencoded' \
     --data grant_type=password \
     --data username=YOUR_EMAIL \
     --data password=YOUR_PASSWORD \
     --data audience=https://dev-mrkter.io \
     --data client_id=IuNTe8fftpw3a0KJKxsxBET8t3C6agZi \
     --data connection=Username-Password-Authentication \
     --data scope=offline_access

Example response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImlkTGt5YjFvaEpOSUE1M29NblYtZiJ9.eyJodHRwOi8vdHlwZSI6InVzZXIiLCJodHRwOi8vZW1haWwiOiJkbWl0cnkudit2ZW5kb3JAbXJrdGVyLmlvIiwiaHR0cDovL2p0aSI6ImFmZDJhYWQ3NmFlOTM1OGZmYTAwMDNkYjI0NWM0MmE5IiwiaXNzIjoiaHR0cHM6Ly9sb2dpbi5kZXYubXJrdGVyLmlvLyIsInN1YiI6ImF1dGgwfDY1ZTk5M2M3MjllNDBlZjFjZWJmMjMwMyIsImF1ZCI6Imh0dHBzOi8vZGV2LW1ya3Rlci5pbyIsImlhdCI6MTc0MzQ5MjUyMywiZXhwIjoxNzQzNTc1MzIzLCJzY29wZSI6Im9mZmxpbmVfYWNjZXNzIiwiZ3R5IjoicGFzc3dvcmQiLCJhenAiOiJJdU5UZThmZnRwdzNhMEtKS3hzeEJFVDh0M0M2YWdaaSJ9.tb5CtPxYUVM-zNgcyCrp0a_2b4gTQBCTFaQt3k4oEdkUe2t06r965Cp242YuOiV6PpYCvn_C-mtOAiE9LccR7LnD_XQev9xd1UY2MEH3wsFS_gKJqHDR4d3EEkfDcrQ-5TI1j9Z2H1WYJoKr7yDqmGEGQLWn3vf6dsSp4WyPqV9R11ATXx1m9tqxOadj00_P94ydP7YgKK-JRHOMc7Mq1eB3QxGrGR2AyE87tHbrQe5vNUsX3Fg0dRecIVSwQDFrtnnT3U61zLUpDPOHMwWDsmdm0VcM6tjLDOnsmbdqxiJNlJADQXGSxHBmFG5GDw9Vj3UpK-A7lSIPYq3BDYgOlA",
  "expires_in": 82800,
  "refresh_token": "v1.MR6xg9RDB5irsO26zb3yDvoG9FxEIXjXoshtlzqb8Kp2ur3MASmc3FgMod_GxurxOacfHedm3VtKdA0pFdLGWXc",
  "scope": "offline_access",
  "token_type": "Bearer"
}

From the response, use the access_token value as your <token>.

Then to get the <accountId>, send a request using the <token> obtained in the previous step:

GET https://api.dev.mrkter.io/user-identity/me/users

Add the Authorization: Bearer <token> header to this request.

Example response:

[
  {
    "id": 0,
    "accountId": 0,
    "firstName": "John",
    "lastName": "Dow",
    "avatar": null,
    "email": "[email protected]",
    "status": "ACTIVE",
    "currency": "USD",
    "verifiedPhoneNumber": "+972531112233",
    "notVerifiedPhoneNumber": null,
    "invitedAt": "2023-03-31T12:57:53.089Z",
    "accountType": "ADVERTISER",
    "accountCreatedAt": "2023-03-31T12:57:53.089Z",
    "companyName": "Payouts",
    "inviteExpiresAt": "2023-03-31T12:57:53.089Z",
    "systemRoles": [
      {
        "id": 0,
        "name": "OWNER",
        "description": "OWNER_DESCRIPTION",
        "permissions": [
          {
            "id": 0,
            "name": "VENDOR_FINANCE:READ",
            "resource": "VENDOR_FINANCE",
            "action": "READ"
          }
        ]
      }
    ],
    "totpEnabled": false,
    "phoneNumberAuthEnabled": false,
    "location": "US",
    "phoneNumberCountry": "US",
    "phoneNumberCode": "972",
    "isEmailVerified": true,
    "isPasswordSetForInvitedUser": true
  }
]

From the request above, extract the accountId from the first object in the array.

Then, to get the <sessionId>, send a request to the following endpoint:

POST https://api.dev.mrkter.io/auth/mfa/totp/authenticate

Include the Authorization: Bearer <token> header in this request

Also include the x-account-id: <accountId> header in this request

Example request:

{
  "code": "284532"
}

Use the data from the response as your <sessionId>

You now have the <token>, <accountId>, and <sessionId> to use with the API.