Chilkat Online Tools

unicodeCpp / Salesforce Platform APIs / Passwordless Login - Authorize

Back to Collection Items

#include <CkHttpW.h>
#include <CkHttpRequestW.h>
#include <CkJsonObjectW.h>
#include <CkHttpResponseW.h>

void ChilkatSample(void)
    {
    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkHttpW http;
    bool success;

    CkHttpRequestW req;
    req.AddParam(L"response_type",L"code_credentials");

    CkJsonObjectW jsonParam2;
    req.AddParam(L"client_id",jsonParam2.emit());

    CkJsonObjectW jsonParam3;
    req.AddParam(L"redirect_uri",jsonParam3.emit());
    req.AddParam(L"scope",L"");

    req.AddHeader(L"Auth-Verification-Type",L"<email or sms>");
    req.AddHeader(L"Auth-Request-Type",L"passwordless-login");
    req.AddHeader(L"Authorization",L"Basic <base64Encoded identifier:otp>");

    CkHttpResponseW *resp = http.PostUrlEncoded(L"https://login.salesforce.com{{site}}/services/oauth2/authorize",req);
    if (http.get_LastMethodSuccess() == false) {
        wprintf(L"%s\n",http.lastErrorText());
        return;
    }

    wprintf(L"%d\n",resp->get_StatusCode());
    wprintf(L"%s\n",resp->bodyStr());
    delete resp;
    }

Curl Command

curl -X POST
	-H "Auth-Request-Type: passwordless-login"
	-H "Auth-Verification-Type: <email or sms>"
	-H "Authorization: Basic <base64Encoded identifier:otp>"
	--data-urlencode 'response_type=code_credentials'
	--data-urlencode 'client_id={{clientId}}'
	--data-urlencode 'redirect_uri={{redirectUrl}}'
	--data-urlencode 'scope='
https://login.salesforce.com{{site}}/services/oauth2/authorize

Postman Collection Item JSON

{
  "name": "Passwordless Login - Authorize",
  "request": {
    "auth": {
      "type": "noauth"
    },
    "method": "POST",
    "header": [
      {
        "key": "Auth-Request-Type",
        "value": "passwordless-login",
        "description": "Required for passwordless login"
      },
      {
        "key": "Auth-Verification-Type",
        "value": "<email or sms>",
        "description": "Must match init verification method, email or sms"
      },
      {
        "key": "Authorization",
        "value": "Basic <base64Encoded identifier:otp>",
        "description": "Base 64 encoded <Identifier:OTP>"
      }
    ],
    "body": {
      "mode": "urlencoded",
      "urlencoded": [
        {
          "key": "response_type",
          "value": "code_credentials",
          "type": "text"
        },
        {
          "key": "client_id",
          "value": "{{clientId}}",
          "type": "text"
        },
        {
          "key": "redirect_uri",
          "value": "{{redirectUrl}}",
          "type": "text"
        },
        {
          "key": "scope",
          "value": "",
          "description": "Comma seperated list of scopes, optional",
          "type": "text"
        }
      ]
    },
    "url": {
      "raw": "{{url}}{{site}}/services/oauth2/authorize",
      "host": [
        "{{url}}{{site}}"
      ],
      "path": [
        "services",
        "oauth2",
        "authorize"
      ]
    },
    "description": "After you send your passwordless login data to initialize, this request allows you to process that login data, and as a part of this request you also verify the users email or sms number. The request itself is a authorization call for the Code and Credential flow. It includes 3 specific headers: `Auth-Request-Type` which is set to `passwordless-login`, `Auth-Verification-Type` which is set to email or sms, and an Authorization Basic header, which is the base64 encoded result of `identifier:otp` where `identifier` is the value returned in your initialize call, and `otp` is the value sent to the end user via email or sms.\n\nThe response from this API is the Auth Code, which is then exchanged for the Access Token."
  },
  "response": [
  ]
}