SMS and SMTP One-Time Password grant

Token Request

Parameters

NameDescription

grant_type = "http://globalsign.com/iam/sso/oauth2/grant-type/sms-mt-otp"

grant_type = "http://globalsign.com/iam/sso/oauth2/grant-type/smtp-otp"

For One-Time Password delivered by SMS

For One-Time Password delivered by SMTP

scope

A space separated list of scope values

Should always include "openid"

username The resource owner mobile phone number (msisdn) or e-mail address
ui_localesLanguage for sms or e-mail message

Optional parameters

x_globalsign_iam_otp_title

Title (or subject) of e-mail message 
x_globalsign_iam_otp_bodyMessage body, where provider replaces "{0}" sequence with One-Time Password

Response

Response to initial token request is a Json formatted document

NameDescription
x_globalsign_iam_challengeA Json object with "reference" token that must be used for Validation Request

Validation Request

Parameters

NameDescription
grant_typeMust hold value from initial token request
scopeMust hold value from initial token request
usernameMust hold value from initial token request
x_globalsign_iam_reference_id

Exact value of reference token from previous response

Note that this value is single-use, provider will generate new reference token for every request

x_globalsign_iam_otp_code

The resource owner One-Time Password

This password was delivered to resource owner by SMS or SMTP