SMS and SMTP One-Time Password grant - SSO
Token Request
Parameters
Name | Description |
---|---|
grant_type = "http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp" grant_type = "http://globalsign.com/iam/sso/oauth2/grant-type/smtp-otp" | For One-Time Password delivered by SMS For One-Time Password delivered by SMTP |
scope | A space separated list of scope values Should always include "openid" |
username | The resource owner mobile phone number (msisdn) or e-mail address |
ui_locales | Language for sms or e-mail message |
Optional parameters | |
x_globalsign_iam_otp_title | Title (or subject) of e-mail message |
x_globalsign_iam_otp_body | Message body, where provider replaces "{0}" sequence with One-Time Password |
Response
Response to initial token request is a Json formatted document
Name | Description |
---|---|
x_globalsign_iam_challenge | A Json object with "reference" token that must be used for Validation Request |
Validation Request
Parameters
Name | Description |
---|---|
grant_type | Must hold value from initial token request |
scope | Must hold value from initial token request |
username | Must hold value from initial token request |
x_globalsign_iam_reference_id | Exact value of reference token from previous response Note that this value is single-use, provider will generate new reference token for every request |
x_globalsign_iam_otp_code | The resource owner One-Time Password This password was delivered to resource owner by SMS or SMTP |
This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.