Serialization Service

Overview

The VerificationRequest API can be used to add EPCIS events to scanned products. These events include unpacking, decommissioning, etc. based on the property field values provided in the API request. An alternative API can that be used to do this is the Verify GTIN Scan and Verify GTIN Scans APIs. Using these two APIs provide a similar result, but has a more simplified API request. Example test API requests are given in the API documentation that can be used to help guide development efforts.

Authorization

The Serialization Service uses Azure Active Directory B2C for token generation under the Inmar One SSO tenant. Inmar One SSO is Inmar's solution for customer single sign-on access to Inmar applications.

To generate a token, make a request to POST https://login.microsoftonline.com/utinmaronessoaadb2c.onmicrosoft.com/oauth2/v2.0/token with a body of content type multipart/form-data (see form data example here) containing the following fields:

  • client_id: client ID credential given to the client upon onboarding

  • client_secret: client secret credential given to the client upon onboarding

  • grant_type: should be set to "client_credentials"

  • scope: should be set to "https://utinmaronessoaadb2c.onmicrosoft.com/1d4dcf54-e484-4b7e-b9fc-d6a2325116f4/.default"

The below is a sample HTTP request fitting the above requirements:

POST /qainmaronessoaadb2c.onmicrosoft.com/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: multipart/form-data;boundary="boundary"

--boundary
Content-Disposition: form-data; name="client_id"

{client_id}
--boundary
Content-Disposition: form-data; name="client_secret"

{client_secret}
--boundary
Content-Disposition: form-data; name="grant_type"

client_credentials
--boundary
Content-Disposition: form-data; name="scope"

https://utinmaronessoaadb2c.onmicrosoft.com/1d4dcf54-e484-4b7e-b9fc-d6a2325116f4/.default
--boundary--

In its response, Azure AD B2C will provide you with a body that contains the token as well as its expiry in seconds (see example below). For the duration of that token's lifetime, the token should be passed in any call to the Serialization Service in the Authorization header using the format Bearer {token}. The token can be reused as many times as required until its lifetime expires, at which point Azure AD B2C should be called again to generate a new token.

{
    "token_type": "Bearer",
    "expires_in": 3599,
    "ext_expires_in": 3599,
    "access_token": "{token}"
}

We provide industry-leading APIs.

Explore APIs
Picture