2. Access Token

As per the diagram shown in figure 2, SP should obtain the access token by passing the same access code which was received in the previous step.

cURL Request for Token Generation Call

curl --location --request POST 'https://stg-id.uaepass.ae/idshub/token?grant_type=authorization_code&redirect_uri=https://stg-selfcare.uaepass.ae&code=bfe96299-83f4-3ee9-80e4-56c24f5265d3'
--header 'Content-Type: multipart/form-data'
--header 'Authorization: Basic c2FuZGJveF9zdGFnZTpzYW5kYm94X3N0YWdl'

Replace code parameter '{Access Code}' with the value received from Access Code.

Response

{
"access_token": "67f2536e-07e6-37c1-967f-78562000a4f9",
"scope": "urn:uae:digitalid:profile:general",
"token_type": "Bearer",
"expires_in": 3600
}

API detail to exchange the token

POST https://stg-id.uaepass.ae/idshub/token

Query Parameters

Name	Type	Description
grant_type	string	Must have the value as “authorization_code”.
redirect_uri	string	Redirect URI to the application. The application waits to receive at this URI the authorization or authentication response message with the authorization code.
code	string	Authorization code received in the previous authorization response.

Headers

Name	Type	Description
Authorization	string	Basic {credentials}
Content-Type	string	multipart/form-data; charset=UTF-8

200 In response, VNPASS issues a bearer-type OAuth 2.0 access token and returns it in a JSON structure. JSON object containing the access token, associated information and (if the scope was openid requested) an ID token. access_token: Access token generated by VN PASS. token_type: Type of access token. Always has the “Bearer” value. expires_in: Lifetime (in seconds) of the access token. scope: Scopes granted to those to which the access token is associated, separated by spaces.

{
"access_token": "67f2536e-07e6-37c1-967f-78562000a4f9",
"scope": "urn:uae:digitalid:profile:general",
"token_type": "Bearer",
"expires_in": 3600
}

1. Access Code

3. User Information

Was this helpful?

Thank you!