handling the login request_token request

bk18
Hi,

I understand the login flow. As mentioned in the docs, i get the request_token request in the said redirect url. So i take the request_token and use it as said in the docs(like post message to /session/token). But what response should be sent by the server(web server dealing with the redirect url) for the request_token request? By sending a null response with connection close, the page(login page) says session invalid. Is that fine? What is the correct/expected response from the web server of the redirecting url?

--Thanks.
  • sujith
    @bk18,
    You need to pick the request_token query param from the redirect URL. There is no response. You can check out the webinar here.
  • bk18
    Hi @sujith,

    I understand the token process. By saying that there is no response, can I just authenticate the login and close the browser? Even if the browser is open and the message is session invalid, is the token still valid?

    Thanks
  • sujith
    You can retrieve the request token and close the browser. A request token is valid only for a few minutes and can be used only once. So, you need to use the request token to make a generate session API call and get access token.
    The access token is used for authenticating all API calls which is valid for one whole day.
  • sujith
    There is no response there it is just a redirect.
Sign In or Register to comment.