Quick Start
You need a Noon Partner account to follow this guide. If you don't have one yet, check Noon's Partner onboarding process.
1. Get your credentials
- Open the Access App
- Click Add Service Account, fill in a display name, username, and role, then click Add
- A
.jsonkey file will download — this is your credential file
Keep this file secure
Never commit your .json credential file to source control. It contains your private key.
For the full walkthrough see Getting Your Credentials.
2. Authenticate
Use your .json file to generate a JWT and exchange it for a session cookie. All subsequent API requests use that cookie.
Required header
All API requests must include a User-Agent header identifying your application. Requests without it may be rejected.
- Python
- Go
- Java
- Node.js
- PHP
- .NET
- Ruby
- C
- Curl/Bash
import json
import time
import uuid
import jwt
import requests
with open('noon_credentials_sensitive.json', 'r') as file:
credentials = json.load(file)
def create_jwt():
private_key_pem = credentials['private_key']
payload = {
"sub": credentials['key_id'],
"iat": int(time.time()),
"jti": str(uuid.uuid4())
}
token = jwt.encode(
payload,
private_key_pem,
algorithm="RS256",
)
return token
def get_authenticated_session():
session = requests.Session()
session.headers.update({'User-Agent': 'REPLACE_WITH_YOUR_USER_AGENT'})
response = session.post('https://noon-api-gateway.noon.partners/identity/public/v1/api/login', data=json.dumps({
'token': create_jwt(),
'default_project_code': credentials["project_code"]
}))
assert response.status_code == 200, response.json()
return session
# the response from above will contain the auth cookie,
# which can be used for subsequent authenticated requests
# if using an HTTP client which maintains cookies
session = get_authenticated_session()
data = session.get('https://noon-api-gateway.noon.partners/identity/v1/whoami')
assert data.status_code == 200
print('Logged in as: ' + json.dumps(data.json()))
package main
import (
"bytes"
"crypto/rsa"
"crypto/x509"
"encoding/json"
"encoding/pem"
"fmt"
"io"
"net/http"
"net/http/cookiejar"
"os"
"time"
"github.com/golang-jwt/jwt/v5"
)
type Credentials struct {
PrivateKey string `json:"private_key"`
KeyID string `json:"key_id"`
ProjectCode string `json:"project_code"`
}
func parseRSAPrivateKey(pemStr string) (*rsa.PrivateKey, error) {
block, _ := pem.Decode([]byte(pemStr))
if block == nil {
return nil, fmt.Errorf("failed to parse PEM block")
}
priv, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse PKCS8: %w", err)
}
rsaKey, ok := priv.(*rsa.PrivateKey)
if !ok {
return nil, fmt.Errorf("not an RSA private key")
}
return rsaKey, nil
}
func createJWT(keyID string, privKey *rsa.PrivateKey) (string, error) {
now := time.Now()
claims := jwt.RegisteredClaims{
Subject: keyID,
IssuedAt: jwt.NewNumericDate(now),
ID: fmt.Sprintf("%d", time.Now().UnixNano()),
}
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
return token.SignedString(privKey)
}
func getAuthenticatedClient() *http.Client {
// Load credentials.json
data, err := os.ReadFile("noon_credentials_sensitive.json")
if err != nil {
panic(fmt.Sprintf("Failed to read noon_credentials_sensitive.json: %v", err))
}
var creds Credentials
if err := json.Unmarshal(data, &creds); err != nil {
panic(fmt.Sprintf("Failed to parse noon_credentials_sensitive.json: %v", err))
}
// Parse private key
privKey, err := parseRSAPrivateKey(creds.PrivateKey)
if err != nil {
panic(fmt.Sprintf("Failed to parse private key: %v", err))
}
// Create JWT
jwtToken, err := createJWT(creds.KeyID, privKey)
if err != nil {
panic(fmt.Sprintf("Failed to create JWT: %v", err))
}
// Create HTTP client with cookie jar
jar, _ := cookiejar.New(nil)
client := &http.Client{Jar: jar}
// Prepare login request
loginPayload := map[string]interface{}{
"token": jwtToken,
"default_project_code": creds.ProjectCode,
}
loginBody, _ := json.Marshal(loginPayload)
loginReq, _ := http.NewRequest("POST", "https://noon-api-gateway.noon.partners/identity/public/v1/api/login", bytes.NewBuffer(loginBody))
loginReq.Header.Set("Content-Type", "application/json")
loginReq.Header.Set("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
// Login request
resp, err := client.Do(loginReq)
if err != nil {
panic(fmt.Sprintf("Login request failed: %v", err))
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
bodyBytes, _ := io.ReadAll(resp.Body)
panic(fmt.Sprintf("Login failed (%d): %s", resp.StatusCode, string(bodyBytes)))
}
fmt.Println("Login successful.")
for _, c := range resp.Cookies() {
fmt.Printf("Received cookie: %s=%s\n\n", c.Name, c.Value)
}
return client
}
func main() {
client := getAuthenticatedClient()
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
whoamiReq, _ := http.NewRequest("GET", "https://noon-api-gateway.noon.partners/identity/v1/whoami", nil)
whoamiReq.Header.Set("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
resp, err = client.Do(whoamiReq)
if err != nil {
panic(fmt.Sprintf("Whoami request failed: %v", err))
}
defer resp.Body.Close()
bodyBytes, _ := io.ReadAll(resp.Body)
fmt.Printf("whoami response (%d): %s\n\n", resp.StatusCode, string(bodyBytes))
}
package com.noon;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.fasterxml.jackson.databind.ObjectMapper;
import okhttp3.*;
import java.io.File;
import java.security.interfaces.RSAPrivateKey;
import java.time.Instant;
import java.util.*;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
public class PemUtils {
public static RSAPrivateKey readPrivateKeyFromPem(String pem) throws Exception {
String privateKeyPEM = pem
.replace("-----BEGIN PRIVATE KEY-----", "")
.replace("-----END PRIVATE KEY-----", "")
.replaceAll("\\s", "");
byte[] encoded = Base64.getDecoder().decode(privateKeyPEM);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
return (RSAPrivateKey) kf.generatePrivate(keySpec);
}
}
public class ServiceAccountExample {
public static OkHttpClient getAuthenticatedClient() throws Exception {
ObjectMapper mapper = new ObjectMapper();
// Load credentials.json
Map<String, Object> credentials = mapper.readValue(new File("noon_credentials_sensitive.json"), Map.class);
String privateKeyPem = (String) credentials.get("private_key");
String keyId = (String) credentials.get("key_id");
String projectCode = (String) credentials.get("project_code");
// Convert PEM to RSA Private Key
RSAPrivateKey privateKey = PemUtils.readPrivateKeyFromPem(privateKeyPem);
// Create JWT
long now = Instant.now().getEpochSecond();
String jti = UUID.randomUUID().toString();
String token = JWT.create()
.withSubject(keyId)
.withIssuedAt(java.util.Date.from(Instant.ofEpochSecond(now)))
.withJWTId(jti)
.sign(Algorithm.RSA256(null, privateKey));
OkHttpClient client = new OkHttpClient.Builder()
.cookieJar(new CookieJar() {
private List<Cookie> cookies = new ArrayList<>();
@Override
public void saveFromResponse(HttpUrl url, List<Cookie> cookies) {
this.cookies = cookies;
}
@Override
public List<Cookie> loadForRequest(HttpUrl url) {
return cookies != null ? cookies : new ArrayList<>();
}
})
.build();
// Login
Map<String, Object> loginPayload = new HashMap<>();
loginPayload.put("token", token);
loginPayload.put("default_project_code", projectCode);
RequestBody loginBody = RequestBody.create(
mapper.writeValueAsString(loginPayload),
MediaType.parse("application/json")
);
Request loginRequest = new Request.Builder()
.url("https://noon-api-gateway.noon.partners/identity/public/v1/api/login")
.post(loginBody)
.header("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
.build();
try (Response response = client.newCall(loginRequest).execute()) {
if (!response.isSuccessful()) {
throw new RuntimeException("Login failed: " + response.code() + " " + response.body().string());
}
System.out.println("Login response: " + response.body().string());
}
return client;
}
public static void main(String[] args) throws Exception {
OkHttpClient client = getAuthenticatedClient();
// whoami
Request whoamiRequest = new Request.Builder()
.url("https://noon-api-gateway.noon.partners/identity/v1/whoami")
.get()
.header("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT")
.build();
try (Response response = client.newCall(whoamiRequest).execute()) {
if (!response.isSuccessful()) {
throw new RuntimeException("Whoami failed: " + response.code() + " " + response.body().string());
}
System.out.println("Whoami response: " + response.body().string());
}
}
}
import fs from "fs";
import jwt from "jsonwebtoken";
import axios from "axios";
import { wrapper } from "axios-cookiejar-support";
import { CookieJar } from "tough-cookie";
async function getAuthenticatedClient() {
// Load credentials.json
const creds = JSON.parse(fs.readFileSync("noon_credentials_sensitive.json", "utf8"));
const privateKey = creds.private_key;
const keyId = creds.key_id;
const projectCode = creds.project_code;
// Create JWT
const now = Math.floor(Date.now() / 1000);
const payload = {
sub: keyId,
iat: now,
jti: String(Date.now()),
};
const token = jwt.sign(payload, privateKey, { algorithm: "RS256" });
// Create Axios instance with cookie jar
const jar = new CookieJar();
const client = wrapper(axios.create({ jar }));
// Login request
const loginResponse = await client.post(
"https://noon-api-gateway.noon.partners/identity/public/v1/api/login",
{
token: token,
default_project_code: projectCode,
},
{
headers: {
"Content-Type": "application/json",
"User-Agent": "REPLACE_WITH_YOUR_USER_AGENT"
},
}
);
console.log("Login successful.");
console.log(loginResponse.data);
return client;
}
(async () => {
const client = await getAuthenticatedClient();
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
const whoamiResponse = await client.get("https://noon-api-gateway.noon.partners/identity/v1/whoami", {
headers: {
"User-Agent": "REPLACE_WITH_YOUR_USER_AGENT"
}
});
console.log("whoami:", whoamiResponse.data);
})();
<?php
require 'vendor/autoload.php';
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use GuzzleHttp\Client;
use GuzzleHttp\Cookie\CookieJar;
// Load credentials
$creds = json_decode(file_get_contents("noon_credentials_sensitive.json"), true);
$privateKey = $creds["private_key"];
$keyId = $creds["key_id"];
$projectCode = $creds["project_code"];
// Create JWT payload
$now = time();
$payload = [
"sub" => $keyId,
"iat" => $now,
"jti" => uniqid()
];
// Sign JWT
$jwt = JWT::encode($payload, $privateKey, "RS256");
// Create HTTP client with cookie jar
$jar = new CookieJar();
$client = new Client([
'cookies' => $jar,
]);
// Login request
$response = $client->post('https://noon-api-gateway.noon.partners/identity/public/v1/api/login', [
'headers' => [
'User-Agent' => 'REPLACE_WITH_YOUR_USER_AGENT',
],
'json' => [
'token' => $jwt,
'default_project_code' => $projectCode,
]
]);
if ($response->getStatusCode() !== 200) {
throw new Exception("Login failed: " . $response->getBody());
}
echo "Login successful.\n";
echo $response->getBody() . "\n\n";
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
$response = $client->get('https://noon-api-gateway.noon.partners/identity/v1/whoami', [
'headers' => [
'User-Agent' => 'REPLACE_WITH_YOUR_USER_AGENT',
]
]);
echo "whoami ({$response->getStatusCode()}):\n";
echo $response->getBody() . "\n\n";
.NET
using System;
using System.IO;
using System.Text;
using System.Text.Json;
using System.Text.Json.Serialization;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Cryptography;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using Newtonsoft.Json.Linq;
class Credentials
{
[JsonPropertyName("private_key")]
public string PrivateKey { get; set; }
[JsonPropertyName("key_id")]
public string KeyId { get; set; }
[JsonPropertyName("project_code")]
public string ProjectCode { get; set; }
}
class Program
{
static async System.Threading.Tasks.Task<HttpClient> GetAuthenticatedClient()
{
// Load credentials
var json = File.ReadAllText("noon_credentials_sensitive.json");
var creds = JsonSerializer.Deserialize<Credentials>(json);
if (creds == null)
{
throw new Exception("Failed to deserialize credentials");
}
// Parse RSA private key
RSA rsa = RSA.Create();
rsa.ImportFromPem(creds.PrivateKey.ToCharArray());
var securityKey = new RsaSecurityKey(rsa);
// Create JWT
var now = DateTimeOffset.UtcNow;
var jwtHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new System.Security.Claims.ClaimsIdentity(new[]
{
new System.Security.Claims.Claim("sub", creds.KeyId),
new System.Security.Claims.Claim("jti", Guid.NewGuid().ToString())
}),
IssuedAt = now.UtcDateTime,
SigningCredentials = new SigningCredentials(securityKey, SecurityAlgorithms.RsaSha256)
};
var token = jwtHandler.CreateToken(tokenDescriptor);
var jwt = jwtHandler.WriteToken(token);
var handler = new HttpClientHandler { UseCookies = true };
var client = new HttpClient(handler);
client.DefaultRequestHeaders.Add("User-Agent", "REPLACE_WITH_YOUR_USER_AGENT");
// Login request
var loginPayload = new
{
token = jwt,
default_project_code = creds.ProjectCode
};
var loginContent = new StringContent(JsonSerializer.Serialize(loginPayload), Encoding.UTF8, "application/json");
var loginResponse = await client.PostAsync("https://noon-api-gateway.noon.partners/identity/public/v1/api/login", loginContent);
if (!loginResponse.IsSuccessStatusCode)
{
var error = await loginResponse.Content.ReadAsStringAsync();
throw new Exception($"Login failed: {loginResponse.StatusCode}\n{error}");
}
Console.WriteLine("Login successful.");
var loginResult = await loginResponse.Content.ReadAsStringAsync();
Console.WriteLine(loginResult);
return client;
}
static async System.Threading.Tasks.Task Main(string[] args)
{
using var client = await GetAuthenticatedClient();
// the response from above will contain the auth cookie,
// which can be used for subsequent authenticated requests
// if using an HTTP client which maintains cookies
var whoamiResponse = await client.GetAsync("https://noon-api-gateway.noon.partners/identity/v1/whoami");
var whoamiContent = await whoamiResponse.Content.ReadAsStringAsync();
Console.WriteLine($"\nwhoami ({whoamiResponse.StatusCode}):\n{whoamiContent}");
}
}
require "json"
require "openssl"
require "jwt"
require "uri"
require "net/http"
require "securerandom"
# Load credentials
creds = JSON.parse(File.read("noon_credentials_sensitive.json"))
private_key_pem = creds["private_key"]
key_id = creds["key_id"]
project_code = creds["project_code"]
# Parse RSA private key
rsa_key = OpenSSL::PKey::RSA.new(private_key_pem)
# Create JWT
now = Time.now.to_i
payload = {
sub: key_id,
iat: now,
jti: SecureRandom.uuid
}
token = JWT.encode(payload, rsa_key, "RS256")
# below code is for demo
# - you can use http gem instead for net/http and use its CookieJar
# jar = HTTP::CookieJar.new
# client = HTTP.cookies(jar)
# client.post(...)
# Cookie storage
cookies = {}
# Helper to update cookies
def store_cookies(response, cookies)
response.get_fields("Set-Cookie")&.each do |cookie|
parts = cookie.split(";")[0]
key, value = parts.split("=", 2)
cookies[key] = value
end
end
def make_request(uri_str, method, body=nil, headers={}, cookies={})
uri = URI(uri_str)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
req_class = case method
when :get then Net::HTTP::Get
when :post then Net::HTTP::Post
end
req = req_class.new(uri.request_uri)
req["Content-Type"] = "application/json"
req["User-Agent"] = "REPLACE_WITH_YOUR_USER_AGENT"
req["x-locale"] = "en"
req.body = body if body
req["Cookie"] = cookies.map { |k,v| "#{k}=#{v}" }.join("; ") unless cookies.empty?
http.request(req)
end
# Login request
login_body = JSON.generate({
token: token,
default_project_code: project_code
})
resp = make_request("https://noon-api-gateway.noon.partners/identity/public/v1/api/login", :post, login_body)
unless resp.is_a?(Net::HTTPSuccess)
raise "Login failed: #{resp.code}\n#{resp.body}"
end
puts "Login successful."
puts resp.body
store_cookies(resp, cookies)
# the response from above will contain the auth cookie,
# which can be used for subsequent authenticated requests
# if using an HTTP client which maintains cookies
resp = make_request("https://noon-api-gateway.noon.partners/identity/v1/whoami", :get, nil, {}, cookies)
puts "\nwhoami (#{resp.code}):\n#{resp.body}"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <uuid/uuid.h>
#include <jansson.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/bio.h>
#include <openssl/buffer.h>
#include <curl/curl.h>
#define BUFFER_SIZE 8192
char *base64url_encode(const unsigned char *input, int length) {
BIO *bmem = NULL, *b64 = NULL;
BUF_MEM *bptr;
char *buff, *p;
int i, len;
b64 = BIO_new(BIO_f_base64());
bmem = BIO_new(BIO_s_mem());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
b64 = BIO_push(b64, bmem);
BIO_write(b64, input, length);
BIO_flush(b64);
BIO_get_mem_ptr(b64, &bptr);
// Copy buffer
buff = (char *)malloc(bptr->length + 1);
memcpy(buff, bptr->data, bptr->length);
buff[bptr->length] = 0;
// Convert to base64url
for (i = 0, p = buff; p[i]; i++) {
if (p[i] == '+') p[i] = '-';
else if (p[i] == '/') p[i] = '_';
}
// Remove '=' padding
len = strlen(buff);
while (len > 0 && buff[len - 1] == '=') buff[--len] = 0;
BIO_free_all(b64);
return buff;
}
EVP_PKEY *load_private_key(const char *pem_key) {
BIO *bio = BIO_new_mem_buf((void *)pem_key, -1);
EVP_PKEY *pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
BIO_free(bio);
return pkey;
}
size_t write_callback(void *ptr, size_t size, size_t nmemb, void *userdata) {
fwrite(ptr, size, nmemb, stdout);
return size * nmemb;
}
int main() {
// Load credentials.json
json_error_t error;
json_t *root = json_load_file("noon_credentials_sensitive.json", 0, &error);
if (!root) {
fprintf(stderr, "Error loading credentials.json: %s\n", error.text);
return 1;
}
const char *private_key = json_string_value(json_object_get(root, "private_key"));
const char *key_id = json_string_value(json_object_get(root, "key_id"));
const char *channel_identifier = json_string_value(json_object_get(root, "channel_identifier"));
const char *project_code = json_string_value(json_object_get(root, "projectCode"));
if (!private_key || !key_id || !channel_identifier || !project_code) {
fprintf(stderr, "Missing fields in credentials.json\n");
return 1;
}
json_t *header_json = json_pack("{s:s, s:s}", "alg", "RS256", "typ", "JWT");
char *header_str = json_dumps(header_json, JSON_COMPACT);
// Build payload JSON
time_t now = time(NULL);
char uuid_str[37]; // 36 bytes + null terminator
uuid_t uuid;
uuid_generate(uuid);
uuid_unparse(uuid, uuid_str);
json_t *payload_json = json_pack(
"{s:s, s:i, s:i, s:s}",
"sub", key_id,
"iat", (int)now,
"jti", uuid_str
);
char *payload_str = json_dumps(payload_json, JSON_COMPACT);
char *header_b64 = base64url_encode((const unsigned char *)header_str, strlen(header_str));
char *payload_b64 = base64url_encode((const unsigned char *)payload_str, strlen(payload_str));
char signing_input[BUFFER_SIZE];
snprintf(signing_input, sizeof(signing_input), "%s.%s", header_b64, payload_b64);
// Sign with RSA-SHA256
EVP_PKEY *pkey = load_private_key(private_key);
if (!pkey) {
fprintf(stderr, "Error loading private key.\n");
return 1;
}
EVP_MD_CTX *ctx = EVP_MD_CTX_new();
EVP_SignInit(ctx, EVP_sha256());
EVP_SignUpdate(ctx, signing_input, strlen(signing_input));
unsigned char sig[BUFFER_SIZE];
unsigned int sig_len;
if (!EVP_SignFinal(ctx, sig, &sig_len, pkey)) {
fprintf(stderr, "Error signing JWT.\n");
return 1;
}
EVP_MD_CTX_free(ctx);
EVP_PKEY_free(pkey);
char *sig_b64 = base64url_encode(sig, sig_len);
// Final JWT
char jwt[BUFFER_SIZE];
snprintf(jwt, sizeof(jwt), "%s.%s.%s", header_b64, payload_b64, sig_b64);
printf("\n[JWT]\n%s\n\n", jwt);
CURL *curl = curl_easy_init();
if (!curl) {
fprintf(stderr, "Failed to initialize libcurl.\n");
return 1;
}
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "User-Agent: REPLACE_WITH_YOUR_USER_AGENT");
char post_data[BUFFER_SIZE];
snprintf(
post_data,
sizeof(post_data),
"{\"token\":\"%s\", \"default_project_code\":\"%s\"}",
jwt,
project_code
);
CURLcode res;
// Login
printf("[Request] Logging in...\n");
curl_easy_setopt(curl, CURLOPT_URL, "https://noon-api-gateway.noon.partners/identity/public/v1/api/login");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, post_data);
curl_easy_setopt(curl, CURLOPT_COOKIEJAR, "cookies.txt");
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
res = curl_easy_perform(curl);
printf("\n");
// whoami
printf("\n[Request] whoami...\n");
curl_easy_setopt(curl, CURLOPT_URL, "https://noon-api-gateway.noon.partners/identity/v1/whoami");
curl_easy_setopt(curl, CURLOPT_HTTPGET, 1L);
curl_easy_setopt(curl, CURLOPT_COOKIEFILE, "cookies.txt");
res = curl_easy_perform(curl);
printf("\n");
// Cleanup
curl_slist_free_all(headers);
curl_easy_cleanup(curl);
free(header_str);
free(payload_str);
free(header_b64);
free(payload_b64);
free(sig_b64);
json_decref(header_json);
json_decref(payload_json);
json_decref(root);
return 0;
}
#!/usr/bin/env bash
export JWT=$(python generate_jwt.py) # replace with language of your choice
export PROJECT_CODE="your_project_code_here" # replace with your project code
touch cookies.txt
curl -i -c cookies.txt \
-H "Content-Type: application/json" \
-H "User-Agent: REPLACE_WITH_YOUR_USER_AGENT" \
-d '{
"token": "'"$JWT"'",
"default_project_code": "'"$PROJECT_CODE"'"
}' \
https://noon-api-gateway.noon.partners/identity/public/v1/api/login
curl -b cookies.txt \
-H "User-Agent: REPLACE_WITH_YOUR_USER_AGENT" \
https://noon-api-gateway.noon.partners/identity/v1/whoami
You're authenticated. Visit the API Reference for the full list of available endpoints.