Process Authentication

Process Authentication

This method allows you to process the authentication request to the user, you will require a Request Token to perform this request, see Request Authentication for more information on how to obtain a Request Token.
Parameter NameDefault ValueRequiredDescription
application_idNULLTrueThe ID of the Application
secret_keyNULLTrueThe Application's Secret Key
request_tokenNULLTrueThe request token for this authentication request

Example Success Response

This response is returned when the user has successfully authenticated to your Application.
{
  "success": true,
  "response_code": 200,
  "results": {
    "access_token": "537fc78c61b5ca2ac89c15fb73559a8092f7791e2cdba84e402bd32f8e738e2e",
    "granted_permissions": [
      "READ_PERSONAL_INFORMATION",
      "INVOKE_TELEGRAM_NOTIFICATIONS",
      "READ_EMAIL_ADDRESS",
      "READ_TELEGRAM_CLIENT",
      "READ_TODO",
      "MANAGE_TODO",
      "SYNC_APPLICATION_SETTINGS",
      "READ_USERNAME",
      "GET_USER_DISPLAY"
    ],
    "expires_timestamp": 1608439904
  }
}

Example Awaiting Response

This is a normal and expected response telling you that the server is waiting for the user to authenticate to your Application, at this stage you should poll the request until the results has changed to another error or success response.
{
  "success": false,
  "response_code": 400,
  "error": {
    "error_code": 41,
    "message": "AWAITING AUTHENTICATION",
    "type": "COA"
  }
}

Process Authentication Response Structure

NameTypeDescription
access_tokenstringThe Access Token allowing you to have access to the users account.
granted_permissionsstring[]A array of permissions that the User granted to the Application
expires_timestampintegerThe Unix Timestamp for when this access token expires

Application Permissions

To get more information about what permissions a Application can use and what do they mean, see Application Permissions. Note that the user can deny certain permissions that your Application requests, so for example if you request the ability to view the users Email Address then the user can deny that request but still authenticate to your Application.