# Authentication

# Basics

Communication with the anybill cloud is only possible after prior authentication. anybill uses OAuth 2.0 or OpenID access tokens for authentication. Identities are managed in Azure Active Directory B2C. To get an access token, you need a client ID and a service account with username and password.

  • The client ID is assigned by anybill once per POS system manufacturer.
  • Username and password of the service account are assigned by anybill to the merchant.

# Retrieving an Access Token

To retrieve an access token, request an anybill account using the anybill Partner Platform API.

Every request to an endpoint of the anybill App API must carry the access token in the header:

Header

  • Authorization: Bearer <access_token>

# Refreshing an Access Token

The access token can be refreshed as follows.

URL
POST https://adanybill.b2clogin.com/ad.anybill.de/oauth2/v2.0/token?p=b2c_1_ropc_mobile

Header

  • Content-Type: application/x-www-form-urlencoded
  • Authorization: Bearer <access_token>

Query Parameters

  • p=b2c_1_ropc_mobile

Body

{
    "refresh_token": "<refresh token>",
    "grant_type": "refresh_token",
    "client_id": "<your client id>",
    "scope": "https://ad.anybill.de/backend/user_impersonation offline_access",
    "response_type": "token"
}

If the refresh is successful, the server returns the new access token in a response of the following format:

{
   "access_token": "*****",
   "token_type": "Bearer",
   "expires_in": 86400,
   "refresh_token": "*****",
   "refresh_token_expires_in": 1209600
}
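
The refresh call and response above, as an added example (not anybill's own code): it builds the POST without sending it and tracks both lifetimes from the response, so a client knows when to refresh and when the refresh token itself has lapsed. `build_refresh_request`, `TokenStore`, the 300-second margin and the sample token values are assumptions; sending the body form-encoded is inferred from the Content-Type header.

```python
import json, time, urllib.parse, urllib.request

TOKEN_URL = "https://adanybill.b2clogin.com/ad.anybill.de/oauth2/v2.0/token?p=b2c_1_ropc_mobile"
SCOPE = "https://ad.anybill.de/backend/user_impersonation offline_access"
# Constructed sample response in the documented format (placeholder token values).
SAMPLE = ('{"access_token": "AT-1", "token_type": "Bearer", "expires_in": 86400,'
          ' "refresh_token": "RT-1", "refresh_token_expires_in": 1209600}')

def build_refresh_request(refresh_token, client_id, access_token):
    # Assumption: per the Content-Type header the fields are form-encoded, not JSON.
    body = urllib.parse.urlencode({
        "refresh_token": refresh_token,
        "grant_type": "refresh_token",
        "client_id": client_id,
        "scope": SCOPE,
        "response_type": "token",
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               "Authorization": f"Bearer {access_token}"}
    return urllib.request.Request(TOKEN_URL, data=body, headers=headers, method="POST")

class TokenStore:
    """Hypothetical in-memory holder for the token pair and both lifetimes."""
    def __init__(self, skew=300):
        self.skew = skew  # assumed margin (seconds) to refresh before expiry
        self.access_token = self.refresh_token = None
        self.access_expires_at = self.refresh_expires_at = 0.0

    def update(self, raw_response, now=None):
        """Parse a token response; store the new refresh token it carries too."""
        now = time.time() if now is None else now
        doc = json.loads(raw_response)
        if str(doc.get("token_type", "")).lower() != "bearer":
            raise ValueError("unexpected token_type")
        self.access_token, self.refresh_token = doc["access_token"], doc["refresh_token"]
        self.access_expires_at = now + int(doc["expires_in"])
        self.refresh_expires_at = now + int(doc["refresh_token_expires_in"])

    def state(self, now=None):
        now = time.time() if now is None else now
        if now >= self.refresh_expires_at:
            return "reauthenticate"  # refresh token expired, a new token must be retrieved
        if now >= self.access_expires_at - self.skew:
            return "refresh"
        return "valid"

    def __repr__(self):  # keep token values out of logs and tracebacks
        return f"<TokenStore state={self.state()}>"
```

With the documented lifetimes, the access token lasts 86400 seconds (one day) and the refresh token 1209600 seconds (14 days), so a POS client that stays offline longer than the second window has to retrieve a fresh token instead of refreshing.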