The authentication works with the grant type device_pin
and the corresponding field for it. It uses the common endpoint POST /oauth/token
.
Request
POST /api/v2/Smart/Device/SDV_8ZKMSAQ30VNH1WE6EGFJCCG4BCSAML/DevicePin HTTP/1.1
Host: connect-testing.secupay-ag.de
Authorization: Bearer qb56tjj1bcvo9n2nj4u38k84lo
Accept: application/json
{
"grant_type"
:
"device_pin"
,
"client_id"
:
"e3323efa4fb2c4e8562adcdbfe9acf41"
,
"client_secret"
:
"44640a4323db70c1b87dcbe27672a997eb98dad04d8e4caf942da70f77841f8d"
,
"uuid"
:
"/vendor/ingenico/serial/17275wl26695664"
,
"device_pin"
:
"CxajtF94uLi4s7d3"
}
If the Smart Device ID is valid, the API responds with 200 OK
, and the wanted tokens:
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token"
:
"7vfogs9bpol1dv2yvl5gqmpl0g"
,
"expires_in"
: 1200,
"token_type"
:
"bearer"
,
"scope"
:
null
}
If not successful, it responds with 400 Bad Request
, and a simple error response.