Skip to main content

Authenticating with e-mail and password

If you want to start using Aircall ecosystem, you would need to authenticate your agents, and one of the classic ways of doing so, is by using e-mail/password strategy.

{
  "type": "AUTH.EMAIL_AND_PASSWORD",
  "payload": {
    "email": "String!",
    "password": "String!"
  }
}
note

You don't need to initialize the authentication service in order to use this event.

Usage

When the user tries to use the integration for the first time, they should be asked to provide their credentials in order to authenticate and start using the app.

This is possible by sending the AUTH.EMAIL_AND_PASSWORD and waiting for AUTH.EMAIL_AND_PASSWORD_FULFILLED or AUTH.EMAIL_AND_PASSWORD_REJECTED depending on whether the credentials are correct or not.

{
  "type": "AUTH.EMAIL_AND_PASSWORD",
  "payload": {
    "email": "example@aircall.io",
    "password": "YourSecurePassword!"
  }
}
danger

It's VERY important that you make sure that this event is ONLY sent to the bus 🚌 iframe instead of sending it to all the iframes that are listening for messages coming from outside.

Successful authentication

When everything goes fine, you will receive a AUTH.EMAIL_AND_PASSWORD_FULFILLED event:

{
  "type": "AUTH.EMAIL_AND_PASSWORD_FULFILLED",
  "payload": {
    "credentials": "MigratedCredentials | LegacyCredentials",
    "currentUser": "User",
    "company": "Company"
  }
}

Something went wrong

If something bad happens, you will receive a AUTH.EMAIL_AND_PASSWORD_REJECTED event:

{
  "type": "AUTH.EMAIL_AND_PASSWORD_REJECTED",
  "payload": {
    "error": "Error"
  }
}

The error here, will correspond to whatever the backend service returns.

Reference

  • email: aside from being required, we check if the email is valid
  • password: just your Aircall password
/**
 * For the vast majority of Aircall users, you will receive this type of credentials.
 */
interface MigratedCredentials {
  idToken: string;
  refreshToken: string;
}
// For some specific users, you might receive what we call a legacy token.
interface LegacyCredentials {
  legacy_token: string;
}

Both idToken and legacy_token allows you to interact with our backend APIs.

One difference exist though, is that idToken expires every 15 minutes and legacy_token never expires.