Conduct a POC with UAE PASS Authentication
The following content provides you a step-by-step guide on conducting a simple POC with UAE PASS Authentication Feature using Postman.
Step 1
Set up Staging UAE PASS Account
Before you begin you must set up a UAE PASS staging account following the steps given in https://docs.uaepass.ae/start-test-environment-implementation/create-uaepass-user.
The account can be either basic or verified. UAE PASS Authentication feature will support SOP1, SOP2 and SOP3 user account types.
Step 2
Invoke the Authorization Request.
You can use following parameter values for POC purpose.
Authorize Endpoint= https://stg-id.uaepass.ae/idshub/authorize
Client_id= sandbox_stage
Scope = urn:uae:digitalid:profile:general
Redirect_uri= For this POC we are using https://localhost:8000.
acr_values= urn:safelayer:tws:policies:authentication:level:low
Sample Request
https://stg-id.uaepass.ae/idshub/authorize?response_type=code&client_id=sandbox_stage&scope=urn:uae:digitalid:profile:general&state=HnlHOJTkTb66Y5H&redirect_uri=https://localhost:8000&acr_values=urn:safelayer:tws:policies:authentication:level:low Authorization request should be invoked in browser to obtain user authorization.
Once authorization request is invoked user will get the UAE PASS login page to authorize as follows.
Step 3
Enter the identifier of UAE PASS staging account (Email or Mobile or EID) and click on Login.
Once you click on Login button you will receive the UAE PASS authentication notification request to the UAE PASS Staging mobile app and a notification request with a specific code in the browser.
Step 4
Select the correct code and confirm the notification request.
Step 5
Obtain Authorization Code
Once the user accepts the notification request, UAE PASS will issue the authorization code in the response header as shown in below example.
Sample Response
https://localhost:8080/code-bbc69-344553dc-3445fdscc-HnfgmsfsjjH
Step 6
Invoke the Access Token Request to obtain the access token.
You can use following values for the POC.
Token End point = https://stg-id.uaepass.ae/idshub/token
grant_type = authorization_code
redirect_uri = Redirect URL value used in the authorization request (Step 2).
code = Authorization code received in authorization response.
Authorization Header = Base64 encoded (client_ID : client_Secret)
Curl Request for Token API
curl --location --request POST 'https://stg-id.uaepass.ae/idshub/token?grant_type=authorization_code&redirect_uri=https%3A%2F%2Flocalhost%3A8080&code=bbc69c3b-561b-3cc6-a590-16a2bb8448ed' \
--header 'Authorization: Basic c2FuZGJveF9zdGFnZTpzYW5kYm94X3N0YWdl'Token request should be a back-channel request and should use postman or as CURL during the POC to invoke the request.
Authorization code is one time usage value and will expire once used to obtain an access token. Expiry time will be 10 mins.
As success response you will receive an access token from UAE PASS as shown in below image.
Step 7
Invoke the User Info request to obtain the user details of the authenticated user.
You can use following values for the POC.
User info Endpoint = https://stg-id.uaepass.ae/idshub/userinfo
Bearer Token = Access token value received from access token response.
Curl Request for User Info API
curl --location 'https://stg-id.uaepass.ae/idshub/userinfo' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer 221fb1c8-deb7-3fca-b9f6-1d18281f2929'User Info request should be a back-channel request and should use postman or Curl during the POC to invoke the request.
On success you will receive the user information of the authenticated user from UAE PASS.
You can download the postman collection for POC from below attachment.
Last updated
Was this helpful?