Onegini Token Server API tester

Device registration

Dynamic client registration

A device name is generated when this field is left empty.


Validate DCR credentials

When enabled the client secret will be encrypted with the shared secret

Authorization

Authorization code settings

The client must have obtained the key out-of-band during the registration process

The secret (normally a long random string) is also out-of-band obtained by the client during the registration process

When enabled the client secret will be encrypted with the shared secret

The scope is a space separated list of strings. Leave it empty to request for default scopes.

The access token endpoint of the Authorization server

The authorization token endpoint of the Authorization server

Authorization code grant

This is the URL to redirect to for user authentication. It is based on the authorization url of the Authorization Server and the registered client.

This is a value that is used in a dummy user authenticator.

This is a value that identifies a single user on a device when multiple users are using the same device

Client credentials

The scope is a space separated list of strings. Leave it empty to request for default scopes.


Client credentials

The scope is a space separated list of strings. Leave it empty to request for default scopes.

User registration

Two way OTP - Create Response Token

The challenge code obtained during the registration process

User identifier to be registered

Backchannel

The endpoint for the backchannel communication of User Registration. {idp} is replaced with the value in the Identity Provider field.

User Registration init

The endpoint for the init step of User Registration. {idp} is replaced with the value in the Identity Provider field.

User Registration Complete

The scope is a space separated list of strings. Leave it empty to request for default scopes.

This is a value that identifies a single user on a device when multiple users are using the same device

The endpoint for the complete step of User Registration. {idp} is replaced with the value in the Identity Provider field.

Access tokens

Validate access token

Note: this is the Access token forĀ all subsequent OAuth queries

Refresh access token
  
  

The token endpoint of the Authorization server

Request finger print token

The token endpoint of the Token server

Register custom authenticator
Request implicit authentication token

The token endpoint of the Token server

Revoke tokens

Resources

Fetch resources

Note: this is the Access token for all subsequent OAuth queries

An endpoint on the example Resource server

Mobile authentication

Enrollment v2

Enrollment init
Enrollment init

Enrollment v1

Enrollment init
Enrollment public key
Enrollment acknowledge

Mobile Authentication API

API version
Fetch enabled Mobile authentication types

Optional field. API version 4 only.

Optional field. API version 3 only.

Optional field. API version 2 only.

Mobile Authentication

The message included in the push notification, restricted to 155 characters

Optional longer message, not included in the push notification

Clear this field if the method is OTP

Only required for Push types in API version 4.

Only required for Push types in API version 3.

Only required for SMS

Only required for transaction signing

Optional

Resend SMS
Verify SMS code

One Time Password
Continue
Authentication result

Result

HTTP Request


  

HTTP Response Headers


  

HTTP Response Body