
Connecting to Mariana Tek with Universal Auth

Mariana Tek uses OAuth 2.0 in order to authenticate users. The flow that should be used is determined by the type of your application. For traditional web apps like this demo, the Authorization Code Flow should be used.

Overview

A user will authenticate with this flow as follows:

  1. User initiates the login flow by clicking a link that will take them to Mariana Tek for authorization. If necessary, the user will log in and give permission to your application to make requests on their behalf.
  2. After authenticating, the user is redirected to the redirect_uri your application provided as part of Step 1, with the authorization code returned as a query parameter.
  3. This authorization code can then be exchanged for an access_token by making a request to the token endpoint.

Once these steps are complete, the access token may be stored and used to authenticate subsequent API requests.

Step 1: Construct the authorization link

Before you get started, you’ll need a valid client_id and client_secret for your application, as well as the base URL for the brand you wish to connect to within the Mariana Tek platform. If you don’t have these values yet, contact your account manager to register your application. When your application is registered, make sure to provide your redirect_uri so that this OAuth flow can be completed successfully.

Once you have these pieces of information, your authorization redirect should look like this:


    https://{BRAND}.marianatek.com/o/authorize?response_type=code&client_id={CLIENT_ID}
        &redirect_uri={REDIRECT_URI}&scope=read:account&state={STATE}
    

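The value of state will be returned along with the authorization code. Generate it as an unguessable value tied to the user's session, so that the callback in Step 2 can be checked against it before the code is used.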

If you would like to require users to log in each time they are authorized, even if they have an active session, you may set the optional query parameter prompt=true.

Here is an example of how this can be done:

Click here to log in

Step 2: Authorization redirect

After successful authorization, the user will be sent to the redirect_uri that was specified. The authorization code will be returned as a query parameter. This redirect will look like this:


    https://example.marianatek.com/callback?code={AUTHORIZATION_CODE}&state={STATE}
    

Step 3: Exchange code for access token

Using the authorization code that should have been retrieved in the previous step, your application should now make a request to the token endpoint:


    POST https://{BRAND}.marianatek.com/o/token?client_id={CLIENT_ID}&code={AUTHORIZATION_CODE}
        &grant_type=authorization_code
    

The response will look like this:


    {
        "access_token": "{ACCESS_TOKEN}",
        "expires_in": 604800,
        "token_type": "Bearer",
        "scope": "read:account",
        "refresh_token": "{REFRESH_TOKEN}"
    }
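
The state round trip from Steps 1 and 2, feeding the Step 3 request, as an added example that is not part of the Mariana Tek demo. BRAND, CLIENT_ID, REDIRECT_URI, the dict standing in for a server-side session, and the function names are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed placeholder values; use the ones issued when your application was registered.
BRAND = "example"
CLIENT_ID = "demo-client-id"
REDIRECT_URI = "https://app.example.test/callback"


def build_authorization_url(session: dict) -> str:
    """Step 1: create a fresh, unguessable state, remember it, and build the link."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state  # bound to this user's server-side session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "read:account",
        "state": state,
    })
    return f"https://{BRAND}.marianatek.com/o/authorize?{query}"


def code_from_callback(callback_url: str, session: dict) -> str:
    """Step 2: return the authorization code only if state matches this session."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: a replay finds nothing
    returned = params.get("state", [""])[0]
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise ValueError("state mismatch: callback did not originate from this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("callback must carry exactly one code parameter")
    return codes[0]


def token_request_url(code: str) -> str:
    """Step 3: the POST target in the form shown on this page."""
    query = urlencode({"client_id": CLIENT_ID, "code": code,
                       "grant_type": "authorization_code"})
    return f"https://{BRAND}.marianatek.com/o/token?{query}"
```

A callback whose state is missing, forged, or already consumed raises before any code reaches the token endpoint.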