Getting a token using browser-based authentication

When you need SAML authentication to get a WebSDK token, you can follow these steps to get a token.

To get a token for a device

  1. To initiate the activation request, call POST Authorize/Device.
  2. Save the response for the next steps.
    HTTP/1.1 200 OK
    {
       "device_code":"mwMLUQJk...",
       "interval":5,
       "user_code":"B5AC-A75D",
       "verification_uri":"https://[IP address or FQDN]/aperture/activate",
       "verification_uri_complete":"https://[IP address or FQDN]/aperture/activate/03F5-0DCA",
       "expires_in":299,
       "expires":1648060646
    }

    DID YOU KNOW?   Depending on expires_in, you have about five minutes to activate, confirm. and get a token.

  3. To activate, open a browser. From the previous step, paste the verification_uri and type the user_code OR just paste verification_uri_complete.
  4. Review the information, and then click Confirm.

    Device Activate

  5. If the activation cancels or expires, retry Authorize/Device, and the updated URI.
  6. (Optional) Monitor events to determine when to get the token. These event definitions appear in the OAuth Device Authorization Aperture Module of Logging tree. Either monitor the channel from the Logging tree or call GET Log (with a valid token).
    Monitor events to determine when to get the token
    I want...

    UI Event
    Id (hex)

    GET Log
    Id

    Browser confirmation time, so I know when to get the token

    003C0000

    3932160

    Browser expiration or cancellation time, so I can retry

    003C0004

    3932164

  7. After confirmation, get the token. Use device_code to call POST Authorize/Token refresh.