Handling Remote Authentication

The HasOffers API provides a remote authentication protocol that will allow you to implement a single sign-on or remote login solution where affiliates, advertisers, or employees can access the platform without manually applying their login credentials. This is especially useful when having users jump from one platform into HasOffers without having the user login to both systems.

The remote authentication uses a unique, hashed value to login a user to the platform for each unique session. This token is generated with the Authentication::findUserByCredentials API call. To have this token created, the set_token value must be passed and set to '1' for the token to be generated. The call structure for the retrieving the token:


The user’s email and password are required in the API call. When this call has been made, this will be the response:

"data": {
  "user_type": "affiliate_user",
  "user_id": "2",
  "user_status": "active",
  "account_status": "active",
  "hash": "e864f39cf0521423ce697db1652e216",
  "token": "2t434ReL9XHPnQ2eoTLOrBWPvD"

In the response is the generated single session token that can be used to login to the platform. Logging into the platform simply means passing the token on the end of this URL:


and including the token, along with using the network ID for your network:


When fired, the above URL will log the user into the your network. When the token is unique for each login, expiring after its use. A new token will need to be generated for future remote logins to the app.

Have a Question? Please contact [email protected] for technical support.