OAuth2

Search Knowledge Base by Keyword

Contents
  1. Go to the WinKK Passport partner management tool https://passport.winkk.com/partner.
  2. Follow the sign in procedure using Login button. You have to scan optical mark by the WinKK Pass mobile application to complete sign in.
  3. Go to the “Company” category in the management tool to see the company you can manage. The company name should appear under your user name in the title bar.
  4. Go to the “Applications” category in the management tool to see all the applications that are registered within the company.
  5. Use the (+)Add button to bring up the new application registration form.
  6. Fill the required fields of the form:
    • Name – The application title;
    • URL – The root URL of the website where application has its redirect URL (with protocol prefix https://, with port (if not default), without redirect page address).
  7. Choose the Interface (integration scheme) for the application – OAuth2.
  8. Choose the Authentication type for the application in the APPLICATION SECURITY REQUIREMENTS section.
    • Simple – Client has to scan an optical mark to enter the service;
    • Secure – Client has to scan an optical mark and pass additional authentication on the device to enter the service.
  9. Check the required and the optional data groups for the application using check box table in the OAUTH2 DATA SHARING section. The rows of the table shows all available data groups. At least one checkbox should be set at any group to create the application.
    • The “Required” column – stays for optional data groups that can be enabled/disabled by Client during authorization;
    • The “Mandatory” column – is used to set mandatory required data groups for the application.
    • The “Validated” column – indicates that the data group is mandatory required and must be additionally verified for validity by WinKK Passport.
  10. Click the save button on the form. A page with application details will be displayed.
  11. To edit the application settings, click on the Edit button.
  12. To review the application settings, copy application ID and secret key click on the application name in the “Applications” section. A page with application details will be displayed. These values will be used during OAuth API integration procedure.
  13. Place the WinKK Passport authorization link on the web page of the your web service. Construct the link URL using the following pattern: https://passport.winkk.com/oauth2a/auth?client_id=…&redirect_uri=…&cancel_url=…
    • client_id – The application ID;
    • redirect_uri – The URI client will be redirected to on successfull authorization via WinKK Passport, starting with https://;
    • cancel_url – The URI client will be redirected to on failure or manual cancellation, starting with https://.
  14. Develop the web page placed at the redirect_uri that handles authorization using one of the EyeOAUTH2 libraries. The examples to fetch Client profile data are shown below.
  15. You may use standard libraries for OAuth2 integration, the following endpoints are available:
    • https://passport.winkk.com/oauth2a/auth – Authentication Endpoint URL;
    • https://passport.winkk.com/oauth2a/token – Access Token Endpoint URL;
    • https://passport.winkk.com/oauth2a/userinfo – User Profile Service URL.
  16. Client profile data is fetched in a form of a dictionary structure via single API call (profile). The dictionary keys are field names, and the values are client profile data payloads. Field names are constructed from the data group name and actual field name divided by dot. So “contact.address” means the key for “address” field in “contact” data group of client profile. The non-empty value for particular key exists in the dictionary, if all the conditions are satisfied:
    • Client has filled the profile field in the selected profile;
    • Data group is set as optional or required in WinKK Partner Tool;
    • If the data group is set as optional, client should not disable access for it at “Choose Profile” dialog of WinKK Pass App.

In all other cases, the value will be empty string or the key itself will be absent from the dictionary. For now, the following keys are available, this list is subject to expand in future.

Field NameType
contact.addressString
contact.countryString
contact.phoneString
email.emailString
personal.avatarString (Base64-encoded image)
personal.first_nameString
personal.last_nameString
personal.nicknameString
Was this article helpful?
How can we improve this article?

Leave a Reply

Your email address will not be published. Required fields are marked *