Back to Collection Items
require 'chilkat'
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
http = Chilkat::CkHttp.new()
req = Chilkat::CkHttpRequest.new()
req.AddParam("response_type","code_credentials")
jsonParam2 = Chilkat::CkJsonObject.new()
req.AddParam("client_id",jsonParam2.emit())
jsonParam3 = Chilkat::CkJsonObject.new()
req.AddParam("redirect_uri",jsonParam3.emit())
req.AddParam("scope","")
req.AddHeader("Auth-Verification-Type","<email or sms>")
req.AddHeader("Auth-Request-Type","passwordless-login")
req.AddHeader("Authorization","Basic <base64Encoded identifier:otp>")
# resp is a CkHttpResponse
resp = http.PostUrlEncoded("https://login.salesforce.com{{site}}/services/oauth2/authorize",req)
if (http.get_LastMethodSuccess() == false)
print http.lastErrorText() + "\n";
exit
end
print resp.get_StatusCode().to_s() + "\n";
print resp.bodyStr() + "\n";
Curl Command
curl -X POST
-H "Auth-Request-Type: passwordless-login"
-H "Auth-Verification-Type: <email or sms>"
-H "Authorization: Basic <base64Encoded identifier:otp>"
--data-urlencode 'response_type=code_credentials'
--data-urlencode 'client_id={{clientId}}'
--data-urlencode 'redirect_uri={{redirectUrl}}'
--data-urlencode 'scope='
https://login.salesforce.com{{site}}/services/oauth2/authorize
Postman Collection Item JSON
{
"name": "Passwordless Login - Authorize",
"request": {
"auth": {
"type": "noauth"
},
"method": "POST",
"header": [
{
"key": "Auth-Request-Type",
"value": "passwordless-login",
"description": "Required for passwordless login"
},
{
"key": "Auth-Verification-Type",
"value": "<email or sms>",
"description": "Must match init verification method, email or sms"
},
{
"key": "Authorization",
"value": "Basic <base64Encoded identifier:otp>",
"description": "Base 64 encoded <Identifier:OTP>"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "response_type",
"value": "code_credentials",
"type": "text"
},
{
"key": "client_id",
"value": "{{clientId}}",
"type": "text"
},
{
"key": "redirect_uri",
"value": "{{redirectUrl}}",
"type": "text"
},
{
"key": "scope",
"value": "",
"description": "Comma seperated list of scopes, optional",
"type": "text"
}
]
},
"url": {
"raw": "{{url}}{{site}}/services/oauth2/authorize",
"host": [
"{{url}}{{site}}"
],
"path": [
"services",
"oauth2",
"authorize"
]
},
"description": "After you send your passwordless login data to initialize, this request allows you to process that login data, and as a part of this request you also verify the users email or sms number. The request itself is a authorization call for the Code and Credential flow. It includes 3 specific headers: `Auth-Request-Type` which is set to `passwordless-login`, `Auth-Verification-Type` which is set to email or sms, and an Authorization Basic header, which is the base64 encoded result of `identifier:otp` where `identifier` is the value returned in your initialize call, and `otp` is the value sent to the end user via email or sms.\n\nThe response from this API is the Auth Code, which is then exchanged for the Access Token."
},
"response": [
]
}
