Performing Authentication to Retrieve Client Information and Dictionary Values

In order to retrieve information about your clients such as which teams and brands they belong to or to retrieve dictionary values you will first need to authenticate. It’s possible to authenticate with User or Provider accounts.

Step One – Authentication with User

To authorise, send an HTTP POST request to the following URL:

POST https://auth.ws.efinancialcareers.com/v1/authenticate HTTP/1.1

The authentication URL is different for Pilot:

POST https://auth.ws.efinancialcareers.com/v1/authenticate HTTP/1.1

With these mandatory HTTP headers:

Content-Type: application/xml
Authorization: EfcAuth realm="EFC"

And supply this XML representation in the HTTP request body with your credentials:

<principal xmlns="http://efinancialcareers.com/schema">

<apiKey>api_key</apiKey>

<password>password</password>

<strategy>SESSION</strategy>

</principal>

apiKey - The API key of the user.
password - The password of the user.
strategy - Always SESSION

 

Upon success, the server responds with HTTP 200 OK status code and an XML representation containing a token. For subsequent requests you will need to use this token so the server can identify your session. The session will expire after 30 minutes if no interaction with the server is maintained.

<ns2:token xsi:schemaLocation=”http://efinancialcareers.com/schema https://core.ws.efinancialcareers.com/v1/schema” xmlns:ns2=”http://efinancialcareers.com/schema” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”><ns2:value>26c3adb6415881a42431dd195d082acc</ns2:value>
</ns2:token>

Step One - Authentication with Provider

To authorize, send an HTTP POST request to the following URL:

POST https://auth.ws.efinancialcareers.com/v1/authenticateProvider

The authentication URL is different for Pilot:

POST https://auth.ws.efinancialcareers.com/v1/authenticateProvider

With these mandatory HTTP headers:

Content-Type: application/xml
Authorization: EfcAuth realm="EFC"

And supply this XML representation in the HTTP request body with your credentials:

<provider xmlns="http://efinancialcareers.com/schema">

<apiKey>izpc9jhWZE5FvEUcXnePr</apiKey>

<password>z2tc-kzW5-wuC5-jF</password>

<trustedAccountApiKey>UnFRhaqi4RaGzfj9tx7Dc</trustedAccountApiKey>

</provider>

apiKey - The API key of the provider.
password - The password of the provider.
trustedAccountApiKey - The API key of the user.

 

Upon success, the server responds with HTTP 200 OK status code and an XML representation containing a token. For subsequent requests you will need to use this token so the server can identify your session. The session will expire after 30 minutes if no interaction with the server is maintained.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<token xmlns=”http://efinancialcareers.com/schema” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xsi:schemaLocation=”http://efinancialcareers.com/schema https://auth.ws.efinancialcareers.com/v1/schema”>

<value>522c3c4bd036a69db428ce4274745e9d</value>

</token>

Step Two

Your HTTP Authorisation header should contain the token received after your initial login as described in step one above.

Authorization: EfcAuth realm="EFC", token="522c3c4bd036a69db428ce4274745e9d"

Handing API errors

As the eFinancialCareers‘ API is RESTful, any HTTP status codes within the 4xx and 5xx range are classified as errors. The XML representation in the response body will help you determine the cause of each individual error that occurred.

<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes” ?>
<ns2:errors xsi:schemaLocation=”http://efinancialcareers.com/schema https://core.ws.efinancialcareers.com/v1/schema”>
    <ns2:error errorCode=”10013″>
        <ns2:errorType>MSG_AUTH_INVALID_CREDENTIALS</ns2:errorType>
        <ns2:translation lang=”en”>Invalid credentials: please note that for security reasons your account will be locked if you make 5 attempts to sign in with invalid credentials.</ns2:translation>
        <ns2:property>invalidCredentials</ns2:property>
    </ns2:error>
</ns2:errors>