Authentication API
Managing everything from authorization codes to access tokens
The Authentication API is used to obtain codes and tokens. In turn, those codes and tokens enable you to perform specific actions on user profiles.
An introduction to the Authentication API cab be found in these articles:
The actual API endpoints are listed below.
| /access/getAccessToken Retrieves an access token. |
GET |
| /access/getAuthorizationCode Retrieves an authorization code that can then be traded for an access token and a refresh token. |
GET |
| /access/getCreationToken Retrieves a creation token, which can be used to create user profiles. Typically used by mobile developers. |
GET |
| /access/getVerificationCode Gets a verification code that can be used to set a timestamp in a user profile (for example, to record the date and time when an email address was verified). |
GET |
| /access/useVerificationCode Uses a verification code (see above) to set a timestamp in a user profile. A given verification code can only be used once. |
GET |
| /oauth/auth_native Completes social login authentication after a social login token has been retrieved. |
POST |
| /oauth/auth_native_traditional Completes a traditional login (i.e., a login that employs a username and password). |
POST |
| /oauth/forgot_password_native Sends a "reset password" email and link to the specified user. |
POST |
| /oauth/link_account_native Links a new social identity (e.g., a Facebook or Twitter account) to an existing user account. |
POST |
| /oauth/register_native Complete social registration. Note that you must call /oauth/auth_native before calling /oauth/register_native. If not, you command will fail with an "invalid Social Login token" error. |
POST |
| /oauth/register_native_traditional Completes a traditional registration. Traditional registrations employ a username and password. |
POST |
| /oauth/token Exchanges an authorization token or a refresh token for an access token. This access token will be accompanied by a new refresh token: when the access expires you can exchange the refresh token for another access token. |
GET |
| /oauth/unlink_account_native "Unlinks" a social provider from a user account. For example, if you unlink Facebook from a user account the affected user will no longer be able to logon using Facebook. Instead, they will have to log on using a username and password, or a different social provider. |
POST |
| /oauth/update_profile_native Updates data in a user profile. |
POST |
| /oauth/verify_email_native Sends a "verify email address" and link to the specified user. |
POST |