Business Context

Definition: In BEES, to access the services you must generate a JWT (JSON Web Token) using two credentials, client_id and client_secret. A JWT is like a ticket that you give to BEES: BEES analyzes the information within the ticket, checking your permissions and your identity, to decide whether to allow or restrict access to the place you want to go.

Scenario: Let's say a new partner generates a JWT and uses the token to request information for orders placed. However, by mistake, the user sets a different country. BEES will analyze the token, verify that this partner does not have permission to access orders for a different country, and return an error. Once the user fixes this and sets the correct country, the request will succeed because all permissions and identification are checked correctly, and at the end of the journey it will return all orders.

 

Technical Definition:

Your application can acquire a token to call a web API on behalf of itself (not on behalf of a user). This scenario is useful for external applications that run a batch process and need to manipulate application data. It uses the standard OAuth 2.0 client credentials grant to obtain a valid token. OAuth 2.0 is one of the most popular and powerful authorization frameworks; it enables a third-party application to obtain limited access to an HTTP service.
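The client credentials flow described above, as an added example (not BEES code): it builds the RFC 6749 token request, reuses the token until shortly before expiry, and decodes the JWT payload for inspection. The endpoint URL, sending the credentials as form fields, and the names build_token_request, jwt_claims and TokenCache are assumptions.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

# Placeholder endpoint (assumption): use the token URL for your environment.
TOKEN_URL = "https://auth.example.invalid/oauth2/token"

def build_token_request(client_id, client_secret, url=TOKEN_URL):
    """Client credentials request (RFC 6749, section 4.4). Assumption: the
    credentials are form fields in the POST body, never in the query string."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return urllib.request.Request(url, data=body, headers=headers, method="POST")

def jwt_claims(token):
    """Decode the JWT payload for local inspection only. The signature is
    NOT verified here; the API verifies it on every call."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

class TokenCache:
    """Reuse one token until shortly before it expires, so the client
    secret is not sent again for every API call."""

    def __init__(self, fetch, skew=60):
        self._fetch = fetch   # callable returning the token response as a dict
        self._skew = skew     # seconds of safety margin before expiry
        self._token, self._expires_at = None, 0.0

    def get(self, now=None):
        now = time.time() if now is None else now
        if self._token is None or now >= self._expires_at - self._skew:
            resp = self._fetch()
            if resp.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type")
            self._token = resp["access_token"]
            self._expires_at = now + int(resp["expires_in"])
        return self._token
```

In a real client, the fetch callable would send build_token_request(...) with urllib.request.urlopen and parse the JSON body; load client_secret from a secret store or environment variable rather than from source code.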

 

Token request URLs in different environments

Tokens can be requested through the following URLs: