This is a non-standard authentication grant type to allow authenticating with the service using a signed JWT from a STB device including a signed public key certificate. This process is described in more detail here: /wiki/spaces/BPLAT/pages/38550375
This flow requires that the STB device has been provisioned to the user before attempting to authenticate.
User flow
The client obtains a signed token from the device Entone API.
The user calls the access_tokens endpoint with the stb_pwless grant type, providing the token from the Entone API as credentials.
If successful, the user receives a normal login response and can now use the service using the access tokens provided.
Migration guide
This method replaces the /api/stb/auth endpoint. The token parameter from the old endpoint is provided to the new access_tokens endpoint in in the POST body, under the "credentials" field. The grant type works like any other login mechanism in all other aspects.