Guides
Start typing to search…

OEM Authentication

Getting Started


Step 1: Create an Integration Page

Build a page in your application where your Partners can:

  • Learn about the MSPC implementation and it's functionality.
  • Initiate the authorization process via an "Enrol" or "Setup" button.

Step 2: Request Authorization

The following is a simplified example showing how to go generating an Organization and a User Session.

When a partner clicks your integration button, you want to perform the needed api calls shown below, and we will respond with a url, which you then redirect the user to.

OEM Authentication Process

This guide provides a comprehensive overview of the OEM authentication process using the MSPC API, which follows OAuth 2.0 Client Credentials Grant best practices.

Overview

The OEM authentication system allows Vendors to create Organizations, manage Users, and handle integrations on behalf of their Partner's through a secure token-based authentication flow.

📋

Prerequisites

To access this API, you must have the Client ID and Secret provided by MSPCentric.

Authentication Flow

Step 1: Create Organization

Create Organization for a User

Create a new organization in the MSPC system.

Endpoint: POST /api/oem-api/organization

{
  "clientId": <ClientId>,
  "clientSecret": <ClientSecret>,
  "grantType": "client_credentials",
  "scope": "vendor_manage",
  "data": {
    "name": "Wisozk Inc",
    "email": "[email protected]",
    "firstName": "Ansley",
    "lastName": "Parisian",
    "vendorUserId": "1234",
    "vendorOrganizationId": "1234"
  }
}

Response (201 Created):

{
  "status": 201,
  "message": "Successfully created organization",
  "organizationOemToken": <OrganizationOEMToken>
}

Possible Errors:

  • 400 Bad Request - Malformed request body
  • 401 Unauthorized - Invalid client ID or client secret
  • 409 Conflict - Organization with these details already exists

Step 2: Store Organization Token (OEM Token)

Store the returned organizationOemToken securely for future authentication requests. This token is permanent and specific to the organization.

⚠️

Important: Keep this token secure as it provides access to the organization's data.

Step 3: Create Authentication Session

Create a Session for a user with an existing Organization

Use the stored organization token to create an authentication session.

Endpoint: POST /api/oem-api/organization/session

{
  "clientId": "your-client-id",
  "clientSecret": "your-client-secret",
  "grantType": "client_credentials",
  "scope": "vendor_manage",
  "organizationOemToken": "your-organization-oem-token"
}

Response (201 Created):

{
  "status": 201,
  "message": "Success: session created",
  "redirectUrl": "https://app.mspcentric.com/<login-token>"
}

Possible Errors:

  • 400 Bad Request - Malformed request body
  • 401 Unauthorized - Invalid client ID or client secret
  • 403 Unauthorized - Invalid organization token

Step 4: Redirect to Application

Use the redirectUrl from the previous response to redirect the user to the MSPC application.

💡

Best Practice: Open the redirect URL in a new tab to provide a seamless authentication experience.


{
  "integration": {
    "id": "67ae3bcff05cb32e0cb6d9b7",
    "vendorId": "vendor-id"
  },
  "status": 200,
  "message": "Successfully updated a user's integration credentials"
}

Updated 9 months ago

What’s Next