Action token login
This guide will walk you though the process of generating and login in with the use of the Action token
functionality. This feature enables you to generate and revoke one time
tokens for desired users.
What you need?
To successfully complete this topic guide you need to ensure following prerequisites:
- Onegini IDP instance must to be running, for the sake of this guide we assume it's available under http://idp-core.dev.onegini.me address
- access to Onegini IDP admin console
- at least one user must be registered within Onegini IDP instance
Configuration
The Action token
feature toggle can be found in Onegini IDP admin console under in Configuration > Identity Providers tab. To enable token based login simply select
the checkbox which in the Action Token Login
section.
You can also set Action token
validity (in seconds) and desired authentication level.
Generate new Action token
To create a new Action token
you need to execute the following request:
URL
POST http://idp-core.dev.onegini.me:8081/api/persons/<person_id>/tokens/login
Optional body parameter
{
"expires_in_seconds": "int"
}
The Actions token
is always related with some specific user, therefore you need to provide the person_id
within the request path.
Revoke all tokens for a person
You can revoke all person's Action tokens
by executing the following request:
URL
DELETE http://idp-core.dev.onegini.me:8081/api/persons/<person_id>/tokens/login
Parameters details
expires_in_seconds
- for how many second should token be valid
<person_id>
- person identifier, specifies the owner of the Action token
Token properties
Action tokens
are single use only, and will be removed upon successful logging in or upon expiration- the default TTL of the
Action tokens
is 3600s - each person can have one or multiple (0-N)
Action tokens
assigned