Authentication
When a customer signs into their account on the eCommerce platform it's necessary for SparkLayer to authenticate the customer. To avoid making customers sign in twice (to the platform and to SparkLayer), some platforms provide a mechanism to allow third parties (such as SparkLayer) to authenticate the customer. These mechanisms differ between platforms so Ignite specifies a generic endpoint which can be provided authentication data to be verified.
This diagram shows the how the authentication data moves from the front end to the Ignite API.
A real example will help illustrate how this works in practice.
When a B2B customer has signed in to a BigCommerce store, SparkLayer's Javascript code running in the customer's browser makes a request to BigCommerce's current customer endpoint. This endpoint returns a JSON Web Token which is passed to SparkLayer's API.
The SparkLayer API delegates the responsibility of verifying this JWT to the Ignite service for BigCommerce so that platform-specific code is kept separate from SparkLayer's core API.
SparkLayer passes the JWT to the /v1/{env}/{siteId}/authentication/verify Ignite endpoint. The Ignite implementation must verify the token and return the platform's unique identifier for the customer.
The SparkLayer API then uses the customer ID returned by Ignite to generate an access token for that customer and return it to the customer's browser. This access token is used for all subsequent requests to the SparkLayer API.