Where retailers are using Fieldpine.com they can typically login with a username/password to gain access to retail APIs. If you are creating a standalone application to interact directly with fieldpine.com you may need to login.

This page only outlines the typical security policy used by most retailers. Some retailers can elect to change the authorisation process to both higher and lower security models.

Fieldpine APIs require all calls to have two components when connecting to Fieldpine.com APIs

1. An RmSystem value identifying the retailer in each URL reques
2. An X-Api-Key header in each HTTP request

You can discover both of these parameters using a specific call sequence.

Logging in with MFC and C++

CString MyLoginName = "bob@example.com";
CString MyLoginPassword = "theca$$tsatonthemjit";

// Create the XML Payload
// Both the LoginName and Password should be XML encoded (not shown)
CString AuthPayload;
AuthPayload.Format("<LGIN><f121>fieldpineone</f121><f2_s>%s</f2_s><f3_s>%s</f3_s></LGIN>",
    static_cast<LPCTSTR>(MyLoginName),
    static_cast<LPCTSTR>(MyLoginPassword));

CInternetSession sess;
CHttpConnection* pHttp = sess.GetHttpConnection("dev.fieldpine.com", 0, (short)443);

const char* Accept[2] = { "*/*", NULL };
CHttpFile* pRf = pHttp->OpenRequest("POST", "/gnap/j/LGIN", NULL, 1, (const char**)Accept, NULL, INTERNET_FLAG_SECURE);
pRf->AddRequestHeaders("Content-Type: application/xml\r\n", HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDREQ_FLAG_ADD);
pRf->SendRequest(NULL, 0, static_cast<LPCTSTR>(AuthPayload), AuthPayload.GetLength());

DWORD HttpStatus = 0;
pRf->QueryInfoStatusCode(HttpStatus);

char Buff[8192];
int rl = 0;
CString Reply;
do {
  rl = pRf->Read(Buff, sizeof(Buff));
  if (rl > 0) Reply += CString(Buff, rl);
} while (rl > 0);

// Done.  Reply now contains a JSON object with ApiKey and RmSystem