Important Upcoming Change to Authenticating Using JWT on the Consumer API - 26th of January 2024

 

A new security update is coming to JustGiving’s Consumer API taking effect on 26th January 2024.

If you authenticate via JSON Web To (JWT) session tokens, you will need to make changes to the client parameters used for your existing application by midnight (GMT) on 26th January 2024.

If you authenticate using Basic Authentication (OAuth or Username/Password), this security update will not affect you.

 

Action required: If you authenticate via JWT tokens, you will need to update the client parameter to “JG.API” in your call to our Identity and Access Service by midnight (GMT) on 26th January 2024. This will enable you to continue to integrate with our Consumer API, from the end of January. You can take this action from today.

After 26th January 2024, our Identity and Access Service will stop issuing session tokens for the JG.Web client and will only issue session tokens for the JG.API client.

 

Updating your client parameter to JG.API

You will need to update your “ClientID” as follows:

{

"Username":some.user@some.address.com,

"Password":"some password",

"GrantType":"password",

"ClientId":"JG.API"

}

Background

Customer security is our top priority and we’re bringing new security enhancements to JustGiving. These will have an impact on our Consumer API, and the above steps will ensure you continue to have undisrupted access.

Have more questions? Submit a request

0 Comments

Article is closed for comments.