{
    "componentChunkName": "component---src-templates-article-page-template-js",
    "path": "/concepts/users-and-authentication-in-flex/",
    "result": {"data":{"markdownRemark":{"frontmatter":{"title":"Users and authentication in Flex","slug":"users-and-authentication-in-flex","updated":"2022-05-16T00:00:00.000Z","category":"concepts-users-and-authentication","ingress":"This article explains how users are managed and how authentication and authorization works in Flex.","skills":null},"htmlAst":{"type":"root","children":[{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Anyone who registers to your Flex marketplace is referred to as a user.\nIn addition, the operator can take certain actions on the marketplace\neven though they are not technically a user there. Flex marketplaces\nonly facilitate transactions between registered users – in other words,\nit is not possible for someone to purchase or book a listing without\nsigning up as a user."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"user-roles-in-flex","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#user-roles-in-flex","ariaLabel":"user roles in flex permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"User roles in Flex"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex has two possible roles for a registered user: customer and\nprovider. All users can be both customers and providers by default. This\nmeans that even if a person has created a listing, which means they can\nbe a provider, they can also be a customer on someone else's listing."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"If you want to limit certain users to only customers or only providers,\nyou will need to create those limitations in your client application.\nYou can use "},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/extended-data-introduction/"},"children":[{"type":"text","value":"extended data"}]},{"type":"text","value":" to\ndetermine that a user is in a certain group, and then allow a subset of\nyour marketplace functionalities, e.g. listing creation, for a specified\ngroup."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"customer","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#customer","ariaLabel":"customer permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Customer"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"In a transaction, a "},{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"customer"}]},{"type":"text","value":" is the user who purchases or books the\nlisting. In marketplaces with payments, the customer is the user who\npays the listing price. Customers can save their payment details in\nFlex."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Customers need to enter a valid email address to sign up to Flex, but\nother than that customers are not required to enter further information\nto use the marketplace. When using the Stripe default payment\nintegration, customers can save a payment method, however the payment\nmethod information is saved in Stripe and not directly in Flex."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Within a transaction, customers can initiate or transition transactions\nspecified for the customer."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"provider","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#provider","ariaLabel":"provider permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Provider"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"When a user creates a listing and someone else books or purchases that\nlisting, the user becomes the "},{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"provider"}]},{"type":"text","value":" of the transaction in\nquestion. In marketplaces with payments, the provider is the transaction\nparty who receives the listing price."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"This means that if the payment happens within the marketplace, the\nprovider will need to verify their identity to the payment gateway to\nadhere to the payment processor's\n"},{"type":"element","tagName":"a","properties":{"href":"https://en.wikipedia.org/wiki/Know_your_customer","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Know Your Customer requirements"}]},{"type":"text","value":"."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Within a transaction, providers can initiate or transition transactions\nspecified for the provider."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"transaction-related-roles-operator-and-system","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#transaction-related-roles-operator-and-system","ariaLabel":"transaction related roles operator and system permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Transaction related roles: operator and system"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"A "},{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"marketplace operator"}]},{"type":"text","value":" is not a user in the marketplace – they\ncannot sign in to the marketplace with the same credentials they use to\nsign in to Flex Console. The operator can, however, take actions on the\nmarketplace through Flex Console or Integration API, when those actions\nare defined for the operator. Operators cannot participate in the\nmessaging between customer and provider within the transaction."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"A transaction transition is performed by the "},{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"system"}]},{"type":"text","value":" if it is\nscheduled to happen automatically."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"user-access","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#user-access","ariaLabel":"user access permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"User access"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex marketplace listings can be viewed by anyone by default, whether\nthey are registered users or not. If a user wants to start a transaction\nor create a listing, they need to be registered to Flex."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"registered-marketplace-users","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#registered-marketplace-users","ariaLabel":"registered marketplace users permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Registered marketplace users"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Listings can only be updated by their author, i.e. the registered user\nwho originally created the listing. Operators can create listings for a\nregistered user, and update existing listings."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Beyond that, Flex does not have different levels of user access within\nthe marketplace. Operators who want to create more complex user\nhierarchies will need to think about the levels of user access they want\neach custom role to have and potentially use a custom backend solution\nto complement Flex default user management. If you are contemplating\ncreating a user hierarchy in your Flex marketplace, contact\n"},{"type":"element","tagName":"a","properties":{"href":"mailto:flex-support@sharetribe.com","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Flex Support"}]},{"type":"text","value":" and let us know your\nuse case – we're happy to help you figure out a suitable solution!"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"login-as-user","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#login-as-user","ariaLabel":"login as user permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Login as user"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex has a feature through which operators can log in to their\nmarketplace as a registered user and take limited actions on their\nbehalf. When using the Login as user feature, operators cannot initiate\nor transition transactions or modify the user's payout information.\nHowever, they can e.g. create and update listings on behalf of the user.\nThe login as user feature can be accessed through the Flex Console, by\nnavigating to a user profile and clicking on the three dots next to the\nprofile image of the user."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"integration-api","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#integration-api","ariaLabel":"integration api permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Integration API"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex Integration API allows trusted secure applications to access all\ndata within a marketplace. It is not accessible for marketplace users\nwith their own sign-in credentials. Instead, Integration API can be used\nto create server-side integrations to external systems or retrieve data\nfor custom marketplace dashboards."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"authenticating-to-flex-apis","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#authenticating-to-flex-apis","ariaLabel":"authenticating to flex apis permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Authenticating to Flex APIs"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex marketplace users need to sign up with their email address to\ncreate listings and participate in transactions. Alternatively, they can\nuse "},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/social-logins-and-sso/"},"children":[{"type":"text","value":"social logins"}]},{"type":"text","value":" to sign up, or to\nlogin with an email address that already has a user within Flex."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Flex has a separate "},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/authentication-api/"},"children":[{"type":"text","value":"Authentication API"}]},{"type":"text","value":"\nthat handles authentication to other Flex APIs. Both Marketplace API and\nIntegration API require valid access tokens to be passed in every API\nrequest. If you use the "},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/js-sdk/"},"children":[{"type":"text","value":"Javascript SDKs"}]},{"type":"text","value":" in your\nmarketplace client application, they handle authenticating the user\nautomatically when they enter their credentials."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"banned-and-deleted-users","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#banned-and-deleted-users","ariaLabel":"banned and deleted users permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Banned and deleted users"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"When a user is banned or deleted, they can no longer take action on the\nmarketplace."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"banned-user","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#banned-user","ariaLabel":"banned user permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Banned user"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Banning a user means removing the user and all of the user’s listings\nfrom a marketplace due to inappropriate behaviour. The email with which\na banned user registered to the marketplace can not be used to create\nnew accounts. The user data is only visible when it is linked to, and\neven then only ID and banned status are shown."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Operators can ban and unban users through Flex Console, but there is no\nendpoint in the Flex APIs to ban a user."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"deleted-user","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#deleted-user","ariaLabel":"deleted user permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Deleted user"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Deleting a user means completely and irreversibly removing all of the\nuser's personal data. This includes all of the public-facing data like\nprofile and listings as well as the user account information."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Operators can delete users through Flex Console. In addition, there is\nan endpoint in Marketplace API so that operators can build a\nfunctionality for users to delete their own accounts. We have a how-to\nguide on\n"},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/how-to/implement-delete-user/"},"children":[{"type":"text","value":"implementing a "},{"type":"element","tagName":"em","properties":{},"children":[{"type":"text","value":"Delete user"}]},{"type":"text","value":" feature"}]},{"type":"text","value":"."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"authentication-in-flex","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#authentication-in-flex","ariaLabel":"authentication in flex permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Authentication in Flex"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"The Flex APIs limit visibility to certain data based on the\nauthentication level of the user. Marketplace API has three different\nlevels of access, whereas Integration API only has full access or no\naccess. This means that when using any Integration API endpoints, it is\ncrucial to only use them from a secure context i.e. from server code,\nnever from browser code."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Regardless of the level of access, each API endpoint requires an access\ntoken that can be acquired through Flex\n"},{"type":"element","tagName":"a","properties":{"href":"https://www.sharetribe.com/api-reference/authentication.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Authentication API"}]},{"type":"text","value":".\nWhen using the "},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/js-sdk/"},"children":[{"type":"text","value":"Flex Javascript SDKs"}]},{"type":"text","value":", authentication\nis handled with\n"},{"type":"element","tagName":"a","properties":{"href":"https://sharetribe.github.io/flex-sdk-js/authentication.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"specific SDK methods for Marketplace API"}]},{"type":"text","value":"\nand\n"},{"type":"element","tagName":"a","properties":{"href":"https://sharetribe.github.io/flex-integration-sdk-js/authentication.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"upon instantiation in Integration API"}]},{"type":"text","value":"."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"anonymous-access-to-marketplace-api","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#anonymous-access-to-marketplace-api","ariaLabel":"anonymous access to marketplace api permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Anonymous access to Marketplace API"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Some endpoints can be accessed without signing in to Flex. These include\nviewing published listings, bookings and reviews, as well as public user\ndata."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"In addition, the user creation endpoints and password reset request\nendpoint can be called with an anonymous access token. Password reset\nendpoint requires a "},{"type":"element","tagName":"code","properties":{},"children":[{"type":"text","value":"passwordResetToken"}]},{"type":"text","value":" that is sent as a response to\nthe password reset request command, and the token is sent directly to\nthe email specified in the request."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"user-access-to-marketplace-api","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#user-access-to-marketplace-api","ariaLabel":"user access to marketplace api permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"User access to Marketplace API"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Only authenticated users can access endpoints that deal with updating\nuser information, creating and updating listings, and initiating and\ntransitioning transactions."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Through initiating and transitioning transactions, authenticated users\nhave access to functionalities that do not have specific endpoints. For\ninstance creating and accepting bookings and reviewing transaction\ncounterparties are actions that can only happen within the context of a\ntransaction process."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"trusted-access-to-marketplace-api","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#trusted-access-to-marketplace-api","ariaLabel":"trusted access to marketplace api permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Trusted access to Marketplace API"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Some transitions within a transaction process can include privileged\nactions that require a trusted context i.e. they are\n"},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/privileged-transitions/"},"children":[{"type":"text","value":"privileged transitions"}]},{"type":"text","value":". Privileged\nactions include\n"},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/references/transaction-process-actions/#actionprivileged-set-line-items"},"children":[{"type":"text","value":"setting the transaction line items"}]},{"type":"text","value":"\nand\n"},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/references/transaction-process-actions/#actionprivileged-update-metadata"},"children":[{"type":"text","value":"updating the transaction metadata"}]},{"type":"text","value":"."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"These transitions require a trusted token or a trusted SDK method, both\nof which are obtained using the Flex application client secret. In\npractice, the trusted context is a server environment. With the FTW\ntemplates, the client application server has default implementations of\ntrusted endpoints for\n"},{"type":"element","tagName":"a","properties":{"href":"https://github.com/sharetribe/ftw-daily/blob/master/server/api/initiate-privileged.js","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"initiating"}]},{"type":"text","value":"\nand\n"},{"type":"element","tagName":"a","properties":{"href":"https://github.com/sharetribe/ftw-daily/blob/master/server/api/transition-privileged.js","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"transitioning"}]},{"type":"text","value":"\ntransactions."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"full-access-to-integration-api","style":"position:relative;"},"children":[{"type":"element","tagName":"a","properties":{"href":"#full-access-to-integration-api","ariaLabel":"full access to integration api permalink","className":["anchor","before"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]},{"type":"text","value":"Full access to Integration API"}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"The Integration API offers access to the entire marketplace data. This\nincludes all users, listings, transactions, and messages. To see what\nendpoints you can access using the Integration API, refer to the\n"},{"type":"element","tagName":"a","properties":{"href":"https://www.sharetribe.com/api-reference/integration.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Integration API reference"}]},{"type":"text","value":"."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"To access the Integration API you need a valid access token obtained\nthrough\n"},{"type":"element","tagName":"a","properties":{"href":"/docs/legacy/concepts/authentication-api/#authentication-api"},"children":[{"type":"text","value":"the Authentication API"}]},{"type":"text","value":"\nor the\n"},{"type":"element","tagName":"a","properties":{"href":"https://sharetribe.github.io/flex-integration-sdk-js/authentication.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Sharetribe Flex Integration SDK"}]},{"type":"text","value":".\nYou should only grant access to trusted applications, such as ones that\nrun in your own backend systems or applications only authorized\nmarketplace operators can execute."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"In order to gain authorisation you need to authenticate using the client\nID and client secret of your Integration API application. Read more on\nhow to authenticate from the\n"},{"type":"element","tagName":"a","properties":{"href":"https://www.sharetribe.com/api-reference/authentication.html","target":"_blank","rel":["noopener","noreferrer"]},"children":[{"type":"text","value":"Authentication API reference"}]},{"type":"text","value":"."}]}],"data":{"quirksMode":false}},"headings":[{"value":"User roles in Flex","depth":2},{"value":"Customer","depth":3},{"value":"Provider","depth":3},{"value":"Transaction related roles: operator and system","depth":3},{"value":"User access","depth":2},{"value":"Registered marketplace users","depth":3},{"value":"Login as user","depth":3},{"value":"Integration API","depth":3},{"value":"Authenticating to Flex APIs","depth":3},{"value":"Banned and deleted users","depth":2},{"value":"Banned user","depth":3},{"value":"Deleted user","depth":3},{"value":"Authentication in Flex","depth":2},{"value":"Anonymous access to Marketplace API","depth":3},{"value":"User access to Marketplace API","depth":3},{"value":"Trusted access to Marketplace API","depth":3},{"value":"Full access to Integration API","depth":3}]}},"pageContext":{"slug":"users-and-authentication-in-flex","category":"concepts-users-and-authentication"}},
    "staticQueryHashes": ["3794076007","439097193","717698143"]}