7. Seamlessly logging in users

A third-party system may seamlessly login a user if the user's company is managed by that third-party system. This is especially useful for IFRAME integration where the login page may be bypassed completely.

7.1. How it works

Seamless login works with the use of a login_token which is a short-lived token generated for a specific user. It can only be obtained by a third-party system for users that belong to a company that is managed by the third-party system.

Workflow should be as following

  • Fetch the login token from the API endpoint

  • Render the iframe to the user with the appropriate query string (?login_token={login_token}) or use the login_url as the source of the IFRAME.


Third-party system requires the can_authenticate_as_users permission from the managed company.


Blockchain key is still required. Even though the user may be logged in automatically, blockchain key will still be needed for critical transactions, such as transferring the document.

7.2. Example

Example request using Bearer access token for authorization. See Authorization and authentication page on how to obtain a bearer token.

curl --location --request GET 'https://cargox.digital/api/v3/companies/by-id/b6a80d6c-34dd-48c2-95ae-e36d3ba88925/users/by-id/be6c5b4e-3d36-4a1f-9a8b-69a215518ccb/login-token/' \
--header 'Authorization: Bearer xXQj984YPDBT6tvz9NButrjP4CLyGF'


    "login_token": "IjRhODI3ZGRkLTA3ZGItNDJkMi1iYWIxLWI0NWUwMmY5YTEwZDpiZTZjNWI0ZS0zZDM2LTRhMWYtOWE4Yi02OWEyMTU1MThjY2Ii:1k1Q95:Z0LjvFTnwqPlHACaed1ogUuCMmU",
    "expires": "2019-03-18T08:39:38Z",
    "login_url": "https://cargox.digital/?login_token=IjRhODI3ZGRkLTA3ZGItNDJkMi1iYWIxLWI0NWUwMmY5YTEwZDpiZTZjNWI0ZS0zZDM2LTRhMWYtOWE4Yi02OWEyMTU1MThjY2Ii:1k1Q95:Z0LjvFTnwqPlHACaed1ogUuCMmU"