Other errors in the response should cause the device to abort polling and ask the user to restart the flow.For securing APIs using OAuth2 in API Gateway for versions 10.2 and below please refer webMethods API Gateway tutorial Introduction If the user authorization is not complete the response will look as follows: Pending Response If present the issued scopes may differ from the requested scopes.ĭescribes how the token can be used. If not present the requested scopes where issued. The time to live of the access token in seconds
Only issued if the client is configured to receive refresh tokens
#IDENTITY API SCOPE APPROVAL UI VERIFICATION#
The device code from the Device Verification Endpoint Request Urn:ietf:params:oauth:grant-type:device_code The time is seconds the device_code and user_code is valid for The polling interval the device should respect when waiting for user approval The code the device should use to poll and retrieve tokens from the token endpointĪn image as data url to present, contains the verification_url_complete encoded The verification_url with the user_code added as query for shorthand access The URL the user should visit to enter the user_code and authenticate The code to present to the user, that the user needs to enter out of band List the scopes the client is requesting access to. *Mandatory if client authentication is of type secret, and the authentication is not done using basic authentication
The user uses another device (mobile or browser) to visit the URL presented. User Authentication and Device Authorization This contains the URL to visit and the code to enter. The result also may contain a QR code that the device can present to the user. The user needs to visit the URL and enter the code in order to authorize access for the device. In step two the Token Service also responds with a poll interval instructs the device on how often to check back in for the result.Ī URL and a Alphanumeric code is returned that should be presented to the user. A device code is also issued for the device to poll the status of the grant.
#IDENTITY API SCOPE APPROVAL UI PASSWORD#