Versions Compared
| Version | Old Version 1 | New Version Current |
|---|---|---|
| Changes made by | ||
| Saved on |
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Introduction
This is a non-standard authentication grant type to allow authenticating with the service using a signed JWT from a STB device including a signed public key certificate. This process is described in more detail here: /wiki/spaces/BPLAT/pages/38550375
This flow requires that the STB device has been provisioned to the user before attempting to authenticate.
User flow
- The client obtains a signed token from the device Entone API.
- The user calls the access_tokens endpoint with the stb_pwless grant type, providing the token from the Entone API as credentials.
- If successful, the user receives a normal login response and can now use the service using the access tokens provided.
Migration guide
This method replaces the /api/stb/auth endpoint. The token parameter from the old endpoint is provided to the new access_tokens endpoint in in the POST body, under the "credentials" field. The grant type works like any other login mechanism in all other aspects.
Postman collection
TODO
Table of Contents
| Table of Contents |
|---|
Child Pages
| Child pages (Children Display) |
|---|