title "How to Create GateToken for Api23 Service (Frontend and Backend are abbreviated in 'Server')"

boundary ReceiverAppOrJs as rec_page

boundary Api23Service as api23
entity ProvBackend as prov_back
database ProvDB as prov_db
database MemoryDB as bunt_db
entity SsoServer as sso_svr

autonumber

rec_page->api23: request /api23-js\n( Api23Key, RecUrl )\n @HtmHeader, \n Json @htmBody

activate api23

api23->prov_back: request /gate-token-get-api23hash

activate prov_back
prov_back->prov_back: extract Api23Hash<-Api23Key
bunt_db->prov_back: get GateToken %Api23Hash
prov_back->api23: response gate-token or 505
deactivate prov_back

note over api23: [if exists] jump GateToken@Api65Hash addr

api23->api23: get ClientId@SysVars, \nReferer@HtmHeader
api23->prov_back: request\n/gate-token-get \nwith ClientId, BB64 in json & \n(Referer, Api23Key)@htmHeader

activate prov_back
prov_back->sso_svr: request /key-pair-get %ClientID
activate sso_svr
sso_svr->prov_back: respond KeyPair
deactivate sso_svr

prov_db->prov_back: get Api23eKeyPair@setup table
prov_back->prov_back: decrypt Api23KeyPair \n $Api23eKeyPair, KeyPair
prov_back->prov_back: decrypt Api23Key %Api23KeyPair \n #(ClientId, RecUrl, SsoSubId)

note over prov_back
[if not]
ClientId@HtmHeader = ClientId
Referer@HtmHeader = RecUrl
(app does NOT have the referer)
end note
prov_back->api23: fail

prov_back->prov_back: get GateToken, GTB # BB23, KeyPair 
prov_back->bunt_db: save GateTokenInfo@GateToken

note over prov_back: [if receiver_type=js]

prov_back->bunt_db: save GateToken@Api23Hash
prov_back->api23: response OK \nwithout json data

note over prov_back: [else if receiver_type= web or app]
prov_back->api23: response OK \nwith GateToken
api23->rec_page: response OK \nwith GateToken

note over prov_back: [end if]

deactivate prov_back
deactivate api23
note over api23: Jump: GateToken@Api65Hash addr

api23->api23: insert GateToken &\n Referer in Htm Header

api23->prov_back: request regular Dabory API 
activate prov_back

prov_back->api23: response Dabory API result
deactivate prov_back
api23->rec_page: response Js API result
deactivate api23