Hi,
just playing around with the REST API. There is more than one way to get a token but I wanted to get the use case working where a user is frist directed to mydevices.com for authentication, mydevices.com responds with an access token which is then exchanged into an authorization token.
The docs state
Success behavior: After successfully authenticating and accepting the requested scope, the user will be redirected back to the redirect_uri provided by the prior step.`
All good 'cause the redirect_uri that is being redirected to is supposed to contain the access_token.
However even if the requested redirect_uri is something like âhttps://localhost:8080/test/test2â, the resulting redirect goes to e.g.
Notice the â#â in the URI. That is a HTML anchor and browsers do NOT send everything behind it to the http server. That means my backend code never sees the returned access_token.
The resulting URI should be e.g.
https://localhost:8080/test/test2?state=ABC&session_state=e176d1f3-2b9d-488f-9956-488bbfc49178&access_token=eyJhbGciOiJ.....SUzI1NiIsInR5cCI
Notice the â?â instead of the â#â.
The code on the mydevices side should either append its parameters with a â?â if the requested return_uri doesnât contain any URL parameters itself or append its parameters with a â&â if there are already URL parameters in the return_uri.
I mean⌠am I missing something here?
Any pointers to where Iâm doing it wrong are appreciated.
Ingo