The service user concept enables API connectivity that is linked to your customer number, without relying on a personal end-user account. This ensures stable API authentication, eliminating the risk of connectivity issues due to:

• Disabled or locked personal accounts

• Password changes

• Account removal by the customer administrator

Process Overview

1. Application Registration

   • Once your application is registered in our Identity Provider, you can initiate a service user creation via the Service Users API.

2. Authentication

   • The end-user must first authenticate using their Van Marcke account via the Authorization Code Flow or Resource Owner Password Flow to obtain a valid access token.

   • This user-specific access token allows you to call the Service Users API to create a service user linked to the same customer number.

   • Multiple service users can be created per client application (client_id).

3. Using a Service User

   • The created technical service user is used for API calls, ensuring customer-specific responses (e.g., personalized pricing in the Product Pricing API).

   • Since it is not tied to an individual’s personal account, the connectivity remains uninterrupted.

Service Users API

The Service Users API allows you to create a service user for your customer number in Van Marcke. This approach ensures stable connectivity, as service users are not affected by account lockouts, password resets, or user removals.

Creating a Service User

• Before creating a service user, an end-user must authenticate using the Authorization Code Flow to obtain an access token.

• This access token is used to:

  • Verify the end-user’s identity

  • Validate the linked customer number

  • Ensure the service user is correctly assigned to the customer number

Service User Naming & Storage

• If no service user exists for a customer number, a new service user can be created for each unique application-customer number combination (e.g., API-APP1-P123456, API-APP2-P123456).

• The end-user who initiates the service user creation will receive an email with the corresponding login credentials.

• The same credentials are also returned in the API response, allowing the client application to store them automatically for seamless integration.

For further assistance, contact api-support@vanmarcke.com.

Open

Process of service user creation

• Implement a login flow to get a valid access token by redirecting the end-user to https://api.vanmarcke.com/v1/oauth/authorize with the parameters redirect_uri, response_type = code and state.
  Example: https://api.vanmarcke.com/v1/oauth/authorize?response_type=code&redirect_uri=https://www.google.com/callback&state=123

Open

• With the returned code in the redirect_uri (?code=ytLO3jb2mxDOjvQJ66l7x17UNIhY61nO&state=123) you can now fetch a valid access token via the token endpoint: https://api.vanmarcke.com/v1/oauth/token

  Open

  

• The service response should contain a tag “access_token” which contains a JWT (JSON Web Token), which is basically a technical representation of your Van Marcke account.

• Call the serviceusers API to create a service user for this Van Marcke account using the valid access token (from previous step) as a Bearer authorization header.
  As a result, a service account will be create (if not already exists) and you get the service user credentials in the service response.

  Open

  

• You can now use this username and password to get a valid access Token via the Resource Owner Password Grant Type.

• Use this access token as Bearer authorization header in all your subsequent API calls (see API Security Policies).

If the service user already exists, you will get a 403 - Conflict as service response. If you want to reset the password of an existing service user, use the “GET” operation on the serviceuser API to fetch the user id and use the “resetPassword” endpoint to generate a new password.

Open

Open