hypoport/europace2-api

Vorgaenge-api authorization token

Closed this issue · 2 comments

b4sus commented

Normally, to obtain the authorization token, we send a username and password to https://api.europace.de/login.
When using the older baufiSmart API (https://www.europace2.de/baufiSmart/check24/vorgang/angebote, https://www.europace2.de/baufiSmart/check24/angebot/gemerkt etc.), we authenticate via https://www.europace2.de/partnermanagement/login using a signed JWT (as described here: https://github.com/hypoport/europace2-api/blob/master/Partnermanagement/PEX-SSO-API.md).
That allows us to sign in a specific user without knowing his password, and we would like to use the vorgaenge-api similarly.
Is this token (signed JWT) supposed to work for the vorgaenge-api as well? Tests suggest that it does not; that is, it is accepted by the mock API (https://baufismart.api.europace.de/mock/vorgaenge/...), but not by the actual API (which returns 401).

After signing in via PEX-SSO-API, you receive another access token, which should be used in the following requests. This token should be a valid token for the vorgaenge-api, too. The mock instances of the APIs don't verify the given tokens.

All in all, we know that we have to improve and unify the login process for all our APIs, which is scheduled with a high priority.

It works. Thank you for the help.