techrar docs
Home
Solutions
Solutions
  • eCommerce SaaS
  • Meals SaaS
  • Meals Marketplaces
API
API
  • Merchant APIs
  • Customer App APIs
  • Meals APIs
Techrar Connect
Home
Solutions
Solutions
  • eCommerce SaaS
  • Meals SaaS
  • Meals Marketplaces
API
API
  • Merchant APIs
  • Customer App APIs
  • Meals APIs
Techrar Connect
  1. Customer Profiles
  • GETTING STARTED
    • Marketplaces Overview
    • Account Setup
    • Authentication
    • Webhooks
    • Sales Channel Profile
  • Offerings & Listings
    • Display Providers
    • Plan Categories
    • Plans & Versions
    • Display Menus
  • Customer Profiles
    • Authenticating Customers
    • Customer Profile
    • Customer Location
  • Placing Orders
    • Place Subscription Order
    • Order Payment
  • Subscriptions
    • Subscription Lifecycle
    • Subscription Management
  • Complaints
    • Complaint Lifecycle
    • Complaint Management
  1. Customer Profiles

Authenticating Customers

Authenticate your marketplace customers to access Techrar subscription features without passwords or OTP.

Overview#

Customers in your marketplace are already authenticated in your app. To access Techrar's checkout and subscription management endpoints, you need to obtain Techrar access tokens for your authenticated users. This is done through a passwordless authentication flow.
Customers don't need separate Techrar accounts or passwords. We authenticate them based on their identity in your system.

How Authentication Works#

1
User is Authenticated in Your App
Customer logs into your marketplace using your existing authentication system.
2
Request Techrar Tokens
When customer accesses subscription features, call Techrar's authentication endpoint with customer details from your system.
This step is required for checkout & subscription management. But you can display offerings such as providers, tags, plans, and menus wihtout the need to authenticate the customer as those are using your API keys.
3
Receive Access & Refresh Tokens
Techrar returns JWT tokens that you'll use for all customer-specific API calls (checkout, subscriptions, locations).
4
Store Tokens Securely
Save the tokens in your app (secure storage/keychain) and use them for subsequent API calls.

Authenticate Customer#

Endpoint#

Request Body#

{
  "username": "0534501057",
  "name": "Ahmed Ali",
  "email": "[email protected]",
  "source": "jahez",
  "engine": "direct"
}

Parameters#

ParameterTypeRequiredDescription
usernamestringYesCustomer's unique identifier (phone, user ID, etc.)
namestringYesCustomer's full name
emailstringYesCustomer's email address
sourcestringYesYour marketplace name (e.g., "jahez", "nana", "thechefz")
enginestringYesUse "direct" for passwordless auth
Important
username must be unique per customer in your system
Use consistent source value across all requests (your marketplace identifier)
Always use engine: "direct" for sales channel authentication

Response#

{
  "access": "eyJ0eXAiOiJKV1QiLCJhbGc...",
  "refresh": "eyJ0eXAiOiJKV1QiLCJhbGc..."
}
Tokens:
access: Short-lived token for API requests (use in Authorization header)
refresh: Long-lived token to obtain new access tokens when expired

Using Tokens#

Access Token#

Use the access token for all customer-specific API calls:

Refresh Token#

When access token expires (typically 30 days), use Refresh Access Token to get a new one.

Best Practices#

Token Management#

Store tokens in secure storage (keychain/encrypted storage)
Never expose tokens in logs or UI
Clear tokens on user logout
Implement automatic token refresh before expiration

Error Handling#

Handle 401 errors by refreshing tokens
Re-authenticate if refresh token is invalid
Show appropriate error messages to users

Security#

Use HTTPS for all API calls
Validate customer data before authentication
Implement rate limiting on your end
Monitor for suspicious authentication patterns

User Experience#

Authenticate silently in the background
Cache tokens for quick access
Pre-authenticate before showing subscription features
Handle offline scenarios gracefully

Common Scenarios#

New Customer#

First time accessing subscriptions:
1.
Customer browses your app (already logged in)
2.
Customer clicks on subscription feature
3.
Authenticate customer → store tokens
4.
Proceed with subscription flow

Returning Customer#

Customer with stored tokens:
1.
Check if access token exists
2.
Use token for API calls
3.
Refresh if expired
4.
Continue subscription management

Customer Logs Out#

When customer logs out of your app:
1.
Clear Techrar tokens from storage
2.
Clear any cached subscription data
3.
Re-authenticate on next login

Troubleshooting#

401 Unauthorized#

Cause: Token expired or invalid
Solution: Refresh access token using refresh token, or re-authenticate

400 Bad Request#

Cause: Missing or invalid authentication parameters
Solution: Verify all required fields (username, name, email, source, engine) are provided

Duplicate User Issues#

Cause: Same username used with different email/name
Solution: Ensure consistent customer data across authentication calls
Modified at 2025-11-23 09:02:15
Previous
Display Menus
Next
Customer Profile
Built with