Animadoria at 16:02, 30 April 2025

2025-04-30T16:02:07Z

← Older revision		Revision as of 16:02, 30 April 2025
Line 36:		Line 36:
	The following data elements would be returned in the response		The following data elements would be returned in the response

	~~<pre>~~ * token		* token
	o expiresIn -- Expiry time in secs		** expiresIn -- Expiry time in secs
	o a - Authentication Token that can be used to invoke other services		** a - Authentication Token that can be used to invoke other services
	* redirectURL -- Redirect URL where the user should be redirected to.~~</pre>~~		* redirectURL -- Redirect URL where the user should be redirected to.
	If the requested response format is xml or json and 'succUrl' parameter is provided in the request, the response data will be url encoded and appended to the 'succUrl' as a Query Parameter "res". ex. ${succUrl}?res=<response-data>.		If the requested response format is xml or json and 'succUrl' parameter is provided in the request, the response data will be url encoded and appended to the 'succUrl' as a Query Parameter "res". ex. ${succUrl}?res=<response-data>.

Animadoria: Created page with "{{Protocols/WebAPI}} This page is about the getToken method for WebAPI Web App authentication. Returns an NINA Authentication Token for an already authenticated user. The Authentication Token can be used to invoke Identity based NINA Services on behalf of the user or can be used to check user's Authentication status. This method can be invoked either as a redirect or as a JSON/JSONP call from the browser but cannot be invoked from Serve..."

2025-04-30T15:41:55Z

Created page with "{{Protocols/WebAPI}} This page is about the getToken method for WebAPI Web App authentication. Returns an NINA Authentication Token for an already authenticated user. The Authentication Token can be used to invoke Identity based NINA Services on behalf of the user or can be used to check user's Authentication status. This method can be invoked either as a redirect or as a JSON/JSONP call from the browser but cannot be invoked from Serve..."

New page

{{Protocols/WebAPI}}

This page is about the getToken method for [[Protocols/WebAPI/Auth/WebApp|WebAPI Web App]] authentication.

Returns an NINA Authentication Token for an already authenticated user. The Authentication Token can be used to invoke Identity based NINA Services on behalf of the user or can be used to check user's Authentication status. This method can be invoked either as a redirect or as a JSON/JSONP call from the browser but cannot be invoked from Server Side as it depends on Secure Authentication Cookies set in the user's browser.

If the user is not already authenticated, a response with statusCode '401' (Authentication Required) along with a login redirectURL is returned.

* URL
** http(s)://api.nina.chat/auth/getToken
* HTTP Method
** GET or POST
* Arguments
** devId (required)
*** your developer Id required to access NINA APIs
** f (required)
*** the required format of the response (json or xml or qs)
** succUrl (optional)
*** the destination url where the site wants the user to be redirected to upon success or failure. If no succUrl is provided, it would be assumed that the calling site is using JSON/JSONPcall and the response is simply returned as a JSON object.
*** NOTE: The succUrl is used as the "Trust Url" that's displayed to the users and also used to limit the scope of the Authentication Token.
*** If no succUrl is used, the REFERER header will be used as the "Trust Url".
*** If neither succUrl nor REFERER header are available, then the request would be blocked.
** s (optional)
*** the loginID of the source user (if known)
** language (optional)
*** the required language and locale of the error/status messages. This is always in "<lang>-<locale>" format. The lang is the 2 letter language code for I18N (default: en) and the locale is the 2 letter Locale code for I18N (default: us). If not passed in, the language will be extracted from HTTP header (Accept-Language) and if that is not available will default to "en-us". Check below for our current supported language list.
** tokenType (optional)
*** "shortterm" (session based token - max life 24 hrs - default) or "longterm" (valid for 1 year) or any non-negative long value representing the required Token validity in seconds
** c (optional)
*** the callback method to use when using jsonp convention (argument f = json)
** r (optional)
*** an URL safe string to be used as requestId - when passed it is returned back in the response

== Response Format ==

The following data elements would be returned in the response

<pre> * token
o expiresIn -- Expiry time in secs
o a - Authentication Token that can be used to invoke other services
* redirectURL -- Redirect URL where the user should be redirected to.</pre>
If the requested response format is xml or json and 'succUrl' parameter is provided in the request, the response data will be url encoded and appended to the 'succUrl' as a Query Parameter "res". ex. ${succUrl}?res=<response-data>.

=== The XML standard wrapper ===

<pre> <response>

<statusCode />
<statusText />
<statusDetailCode />
<requestId />
<data>
....
</data>

</response> </pre>
=== The JSON standard wrapper ===

<pre> {"response":{
"statusCode":""
"statusText":"",
"statusDetailCode":""

"requestId":""
"data":{
....
}
}}</pre>
=== Query String ===

The following parameters will be returned back as URL query parameters to your succUrl

<pre> statusCode
statusText
statusDetailCode
requestId
token_expiresIn
token_a
redirectURL
</pre>
== Error Codes ==
** 200 - Success (Ok)
** 330 - More authentication required
** 400 - Invalid request
** 401 - Unauthorized (authentication required)
** 405 - Method not allowed
** 408 - Request timeout
** 430 - Source rate limit reached
** 440 - Invalid Key
** 441 - Key usage limit reached
** 442 - Key invalid IP
** 443 - Key used from unauthorized site
** 444 - token used from unauthorized site (Referer doesn't match the value in token)
** 460 - Missing required parameter
** 462 - Parameter error
** 500 - Generic Server Error

== Sample Response ==
=== XML ===

<pre> <response xmlns="https://api.login.aol.com">
<statusCode>200</statusCode>

<statusText>OK</statusText>
<data>
<token>
<expiresIn>86400</expiresIn>
<a>%2FwEAAAAAZ%2F......</a>

</token>
</data>
</response></pre>
=== JSON ===

<pre> {"response":{
"statusCode":200,
"statusText":"OK",
"data":{
"token":{
"expiresIn":86400,
"a":"%2FwEAAAAAZ%2F......"

}
}
}}</pre>
=== Query String ===

<pre> statusCode=200&statusText=OK&token_a=%2FwEAAAAAflsMqyhx.....&token_expiresIn=86400</pre>

[[Category:Stub]]
[[Category:AOL]]
[[Category:AIM]]
[[Category:Protocols/WebAPI]]
[[Category:Protocols/WebAPI/Auth]]
[[Category:Protocols/WebAPI/Auth/WebApp]]
[[Category:Work_In_Progress]]

Protocols/WebAPI/Auth/WebApp/getToken - Revision history

Animadoria at 16:02, 30 April 2025