Changes

CloudServices/Sagrada/TokenServer

85 bytes removed, 18:47, 12 January 2012

→‎POST /1.0//request_token

'''Unless stated otherwise, all APIs are using application/json for the requests and responses content types.'''

== ~~POST~~ GET /1.0/<app_name>/~~request_token~~ token ==

Asks for new token given some credentials in the Authorization header.

~~Asks for new token given some credentials.~~ By default, the authentication ~~protocol~~ scheme is Browser IDbut ~~the '''X-Authentication-Protocol'''~~ other schemes can potentially be used ~~to explicitly pick a protocol. If~~ if supported by the login server ~~does not~~ ~~support the authentication protocol provided, a 400 is returned~~. '''app_name''' is the name of the application to access, like '''sync'''. ~~When the authentication protocol requires something else than an Authorization header, the data is provided in~~ ~~the request body~~.

Example for Browser-Id:

<pre>

~~POST~~ GET /1.0/sync/~~request_token~~token

Host: token.services.mozilla.com

Content-Type: application/json

{'Authorization: Browser-ID <assertion~~': XXX}~~>

</pre>

* 404 : unknown URL (0), or unsupported application (1).

* 400 : malformed request - missing option or bad values(2) or malformed json (3) or unsupported authentication protocol (4)

* 401 : authentication failed or protocol not supported (5). The response in that case will contain WWW-Authenticate headers (one per supported scheme)

* 405 : unsupported method (6)

* 406 : unacceptable - the client asked for an Accept we don't support (7)

Tarek.ziade

Confirm

927

edits

Changes

CloudServices/Sagrada/TokenServer

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools