obsidian/wiki/tech-patterns/one2edit-api.md

title	aliases	tags	sources	created	updated
One2Edit API Integration	one2edit o2e	one2edit api translation 3m hm	01 Projects/3m-portal 01 Projects/hm-o2e-tool	2026-04-15	2026-04-15

One2Edit API Integration

One2Edit is an online editor/translation platform used by 3M and H&M for marketing document management. Oliver uses it at oliver.one2edit.com.

Key Takeaways

• API endpoint: https://oliver.one2edit.com/v3/Api.php
• Two auth modes: credential-based (service account) and session-based (externSessionId)
• CORS proxy required — browsers can't call the API directly (same-origin policy)
• The embedded editor uses the One2Edit JS SDK, not REST calls

When to Use

Any client project built on the One2Edit platform (3M, H&M).

Key Details

Two Auth Modes

Mode	When	How
Credential	Fetching job lists	Username → userId, then externSessionId
Session	Embedded editor	externSessionId in SDK config

3M Portal Auth Flow

1. Login: username → POST /Api.php → userId
2. Session: userId → POST /Api.php → externSessionId
3. Dashboard: externSessionId → fetch jobs (STARTED/RUNNING)
4. Editor: externSessionId → init One2Edit JS SDK

CORS Proxy (3M Portal)

// server.js
// All /api/* requests → oliver.one2edit.com/v3/Api.php
// Strips Location headers on 301/302 → returns 401
// Injects CORS headers
// Masks passwords in logs

Service Account

• 3M Portal uses portal@oliver.agency service account for job listing
• Client users get their own externSessionId for the embedded editor

Projects Using This Pattern

• 01 Projects/3m-portal/3M OMG Portal — Full portal: CORS proxy + Node.js backend + embedded SDK
• 01 Projects/hm-o2e-tool/HM O2E Tool — Static tool: image relinking + document export (no proxy needed — called directly or via python -m http.server)

Users API

GET /api/users?clientId=<id>

• clientId is required — the request silently fails or returns nothing without it
• Auth with service account session before calling
• Returns user list with email-format usernames

See wiki/concepts/one2edit-username-format for full details.

Gotchas & Lessons

• Username format is an email address — FirstnameSurname@oliver.agency (e.g. PaulJohns@oliver.agency). Never guess firstname.lastname — it doesn't exist as a format
• 301/302 redirects from One2Edit mean auth failure — the Node proxy converts them to 401 to prevent redirect loops in the browser
• sessionStorage (not localStorage) — sessions clear on browser close, which is correct for this auth model
• H&M O2E tool is static (no backend) — can run without a server for most operations
• The JS SDK for the embedded editor is loaded from One2Edit's CDN — needs externSessionId at init time

Related

• wiki/client-knowledge/hm — H&M projects
• wiki/tech-patterns/nodejs-vanilla-proxy — CORS proxy pattern