S360 Services
Home
Home
Azure DevOps Repository
  1. SSO
  • Component Diagram
  • S360 Providers
    • BackOffice Workspace
      • Application
        • Submit Application
        • Application Status
      • Service Provisioning
        • Service Provisioning Request
        • Service Provisioning Status
      • Payment
        • Pricing Request
        • Payment Confirmation
      • References
    • IID Authorization
      • Get Context
      • Create Child Session
      • Get Child Session
      • Refresh Child Session
      • Validate Child Session
      • Logout Child Session
      • Add messages
    • MDM
      • License
        • QueryLicenses
  • S360
    • BackOffice
      • Application
        • Application Decision
      • Service Provisioning
        • Service Provisioning
    • IID Portal
      • Read This First
      • Application Status
      • Services
        • Get My Services
        • Get My Service Details
        • Start My Application
      • Applications
        • Get My Applications
        • Get My Application Details
        • Complete My Application
        • View My Application
      • Inventory
        • Get My Inventories
        • Get My Inventory Details
      • Payment
        • CompletePayment
        • GetPaymentDetails
        • ConfirmPayment
        • GetDuePaymentDetails
        • GetPastPaymentDetails
        • GetMyDuePayments
        • GetMyPastPayments
        • GetMyPaymentDetails
        • GetMyPayments
      • Document
        • Retrieve Document
    • Application Workspace
      • Read This First
      • SSO
        • Authenticate
          POST
        • Refresh Session
          POST
      • Application
        • GetContext App
        • GetContext User
        • Submit My Application
        • Notify Application Status
      • Document
        • Upload Document
        • Retrieve Document
      • Proxy
        • Get Reference Data from Entity
      • DesignTime
        • Upload Application Schema
    • Rules Engines
      • Payment
  1. SSO

Authenticate

Integrating
POST
https://apiqa.detsandbox.com/idp/sso/v1/authenticate
Last modified:2024-09-26 10:49:56
OperationId:Authenticate

Overview#

Application Workspace authenticate to the system by calling IDP Services with the sessionToken(Short-Lived Session Token) and its signature. These are retrieved during the redirection thru the IID portal. IDP Services shall signs, issues a JWT embeded the claim data.
Subsequent call to the IID Core API for the same user's session should embed the token in the HTTP Header Authorization

Sequence Diagram#

Pre-Condition:
User initiate CompleteMyApplication operation and IID Portal successfully generate external token and redirect the user to the Application Workspace.
MerMaid-S360-Authenticate
Expected Condition:
IID SSO session is established

Exception Handling#

Below is the exception handling scenario if exception occurred (HTTP 401 - Unauthorized)
Error CodeDescriptionException Handling
ESB-IDP-E0003Session ID and/or sessionToken is invalidBack to anonymous or request user to sign in
ESB-IDP-E0004User logged outBack to anonymous or request user to sign in

Request

Header Params

Body Params application/json

Example
{
    "sessionToken": "{{sessionToken}}"
}

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://apiqa.detsandbox.com/idp/sso/v1/authenticate' \
--header 'X-IID-Signature: ' \
--header 'X-Request-Id: {% faker datatype.uuid %}' \
--header 'api_key: 5k5a9rnknaj87kthytganapc' \
--header 'Content-Type: application/json' \
--data-raw '{
    "sessionToken": ""
}'

Responses

🟢200Success
application/json
Body

Examples
{
    "status": 200,
    "esbUUID": "51368f50-4a67-42d4-803c-ddc80c0be491",
    "desc": {
        "en": "Success",
        "ar": "نجاح",
        "code": "ESB-IDP-S0000"
    },
    "data": {
        "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3d3dy5pbnZlc3RpbmR1YmFpLmdvdi5hZSIsInN1YiI6ImFwcGxpY2F0aW9uV29ya3NwYWNlIiwiYXVkIjoic3NvIiwiaWF0IjoiMTcyMjI1ODk2OSIsImp0aSI6IjAxOTZkYTI4LWZjYmQtNDQyMy1iYzBjLWI3YWUxOGZlNWM0MyIsImRlc3QiOiJodHRwOi8vZGFwcGVyLWFydGh1ci5uZXQiLCJzY29wZSI6IkdldENvbnRleHQgU3VibWl0TXlBcHBsaWNhdGlvbiBOb3RpZnlBcHBsaWNhdGlvblN0YXR1cyBHZXRMb29rdXBEYXRhIFVwbG9hZERvY3VtZW50cyBSZXRyaWV2ZURvY3VtZW50cyIsImNvbnRleHQiOnsic3NvIjp7InNlc3Npb25JZCI6ImM5ZTEyYzEzLTU4OWUtNGYzYS05MjczLWU5MzAwZmRhMGVlMyIsImV4dGVybmFsU3lzdGVtSWQiOiI0MDMxN2JkMS1jYTQzLTRkYjYtOTZjNi01NmJlODFhMmE1ZjciLCJhdXRob3JpdHlUeXBlIjoiU0VMRiIsInNlc3Npb25Ub2tlbkVuY3J5cHRlZCI6ImV5SmhiR2NpT2lKSVV6STFOaUlzSW5SNWNDSTZJa3BYVkNKOS5leUp6WlhOemFXOXVWRzlyWlc0aU9pSmtOVEppTVdVd09DMDFaalpqTFRRNVkyVXRZV1E0WXkxbFpEVmpNRE16TXpJeE1XTWlmUS5OaE5ncE1vOGtBRnFYYnE2VEJlcF81a215Skd3dVhQaXhYZ2pYdXY5TXJVIn19fQ.fjnmalyZyed4SBsBy3OU95a8VZuC0s37iEUzi-gnuZM"
    }
}
🟠403Forbidden
🟠401Unauthorized
🔴500Internal Server Error
🔴504APIMGatewayTimeout
🟠403APIMDeveloperInactive
🟠404FlogoException
🔴503APIMServiceUnavailable
🔴500Unknown Error
Modified at 2024-09-26 10:49:56
Previous
Read This First
Next
Refresh Session
Built with