ReSKU RGA Service

Inmar Intelligence ReSKU RGA Service

This site documents the technical contracts for interacting with the ReSKU RGA Service, an API provided by Inmar Intelligence for registering returns to be processed by our suite of value recovery services.

When onboarded by Inmar Intelligence to use the ReSKU RGA Service, each client will be provided with two sets of credentials with which to interact with the API:

  • A client ID and client secret pair for authorization token generation (see Authorization section below)

  • A consumer ID included in operations sent to the API

The below sequence diagram outlines the order of calls necessary to register a return with the ReSKU RGA Service. Read the technical documentation via the link below to learn more about the individual endpoints.

Picture
Read the Docs

Authorization

The ReSKU RGA Service uses Azure Active Directory B2C for token generation under the Inmar One SSO tenant. Inmar One SSO is Inmar's solution for customer single sign-on access to Inmar applications.

To generate a token, make a request to POST https://login.microsoftonline.com/prodinmaronessoaadb2c.onmicrosoft.com/oauth2/v2.0/token with a body of content type multipart/form-data (see form data example here) containing the following fields:

  • client_id: client ID credential given to the client upon onboarding

  • client_secret: client secret credential given to the client upon onboarding

  • grant_type: should be set to "client_credentials"

  • scope: should be set to "https://prodinmaronessoaadb2c.onmicrosoft.com/0e0d9b32-006f-4785-85c3-4dffc7bf02e8/.default"

The below is a sample HTTP request fitting the above requirements:

POST /prodinmaronessoaadb2c.onmicrosoft.com/oauth2/v2.0/token HTTP/1.1
Host: login.microsoftonline.com
Content-Type: multipart/form-data;boundary="boundary"

--boundary
Content-Disposition: form-data; name="client_id"

{client_id}
--boundary
Content-Disposition: form-data; name="client_secret"

{client_secret}
--boundary
Content-Disposition: form-data; name="grant_type"

client_credentials
--boundary
Content-Disposition: form-data; name="scope"

https://prodinmaronessoaadb2c.onmicrosoft.com/0e0d9b32-006f-4785-85c3-4dffc7bf02e8/.default
--boundary--

In its response, Azure AD B2C will provide you with a body that contains the token as well as its expiry in seconds (see example below). For the duration of that token's lifetime, the token should be passed in any call to the ReSKU RGA Service in the Authorization header using the format Bearer {token}. The token can be reused as many times as required until its lifetime expires, at which point Azure AD B2C should be called again to generate a new token.

{
    "token_type": "Bearer",
    "expires_in": 3599,
    "ext_expires_in": 3599,
    "access_token": "{token}"
}