Authentication
Authentication occurs through a JSON Web Token [JWT]. The connecting device is only required to authenticate once. A manual response is required from the Chef device for this authentication.
Additional information:
The Chef Reporting API is available on HTTPS.
A valid TLS Certificate is added to the chef.penguinpos.com domain.
https://chef.penguinpos.com/pcu/server/public/index.php/api/customer/json-rpc/v1
Authentication Process
To authenticate [examples provided in Curl and PHP]:
The connecting device sends a request to Chef to authenticate and request a JWT:
Curl Example
curl --location --request POST'https://chef.penguinpos.com/pcu/server/public/index.php/api/json-rpc/v1' \--header 'Content-Type: application/json' \--data-raw '{"jsonrpc": "2.0","method": "Authentication.authenticateClient","params":[{}],"id":1}'PHP Example
?php$apiUrl = 'https://chef.penguinpos.com/pcu/server/public/index.php/api/json-rpc/v1';$payload = '{"method": "Authentication.authenticateClient","params": [{}],"id": 1,"jsonrpc": "2.0"}';$context = stream_context_create(array('http' => array('ignore_errors' => true,'method' => "POST",'header' => "Content-Type: application/json",'content' => $payload)));$result = file_get_contents($apiUrl, false, $context);var_dump($result);If the connecting device is registered, Chef generates a JWT and sends a response:
If the connecting device is not registered, [or is registered, but not authorized], a manual approval is required from Chef, before the response is sent.
For more information, see Registered Device Handling.
JSON Authentication Response
{"jsonrpc": "2.0","id": 1,"result": {"success": true,"data": {"token": "[jwt]","new_device": true},"error_num": 0,"error_message": "","undo_id": null,"undo_type": null,"undo_message": null,"errorForEndUser": null}}Add the JWT to the Authorization Header of the data call.