# Conduct a POC with UAE PASS Authentication The following content provides you a step-by-step guide on conducting a simple POC with UAE PASS Authentication Feature using Postman. ## Step 1 #### Set up Staging UAE PASS Account Before you begin you must set up a UAE PASS staging account following the steps given in . {% hint style="success" %} **The account can be either basic or verified. UAE PASS Authentication feature will support SOP1, SOP2 and SOP3 user account types.** {% endhint %} ## Step 2 #### Invoke the Authorization Request. You can use following parameter values for POC purpose. **Authorize Endpoint=** [https://stg-id.uaepass.ae/idshub/authorize](https://stg-id.uaepass.ae/idshub/authorize) **Client\_id**= sandbox\_stage **Scope** = urn:uae:digitalid:profile:general **Redirect\_uri**= For this POC we are using . **acr\_values**= urn:safelayer:tws:policies:authentication:level:low #### Sample Request {% code overflow="wrap" %} ```url https://stg-id.uaepass.ae/idshub/authorize?response_type=code&client_id=sandbox_stage&scope=urn:uae:digitalid:profile:general&state=HnlHOJTkTb66Y5H&redirect_uri=https://localhost:8000&acr_values=urn:safelayer:tws:policies:authentication:level:low ``` {% endcode %} {% hint style="danger" %} Authorization request should be invoked in browser to obtain user authorization. {% endhint %} Once authorization request is invoked user will get the UAE PASS login page to authorize as follows.

UAE PASS Login Page

## Step 3 #### Enter the identifier of UAE PASS staging account (Email or Mobile or EID) and click on Login. Once you click on Login button you will receive the UAE PASS authentication notification request to the UAE PASS Staging mobile app and a notification request with a specific code in the browser.

Enter Identifier and Click Login

Match the Code with Notification Request in Mobile

Mobile notification Screen

## Step 4 #### Select the correct code and confirm the notification request.
## Step 5 #### Obtain Authorization Code Once the user accepts the notification request, UAE PASS will issue the authorization code in the response header as shown in below example. #### Sample Response ``` https://localhost:8080/code-bbc69-344553dc-3445fdscc-HnfgmsfsjjH ```

Authorization Response

## Step 6 #### Invoke the Access Token Request to obtain the access token. You can use following values for the POC. **Token End point** = [https://stg-id.uaepass.ae/idshub/token](https://stg-id.uaepass.ae/idshub/token) **grant\_type** = authorization\_code **redirect\_uri** = Redirect URL value used in the authorization request (Step 2). **code** = Authorization code received in authorization response. **Authorization Header** = Base64 encoded (client\_ID : client\_Secret)

Token API request Parameters

Token API Authorization Header

#### Curl Request for Token API {% code overflow="wrap" %} ``` curl --location --request POST 'https://stg-id.uaepass.ae/idshub/token?grant_type=authorization_code&redirect_uri=https%3A%2F%2Flocalhost%3A8080&code=bbc69c3b-561b-3cc6-a590-16a2bb8448ed' \ --header 'Authorization: Basic c2FuZGJveF9zdGFnZTpzYW5kYm94X3N0YWdl' ``` {% endcode %} {% hint style="danger" %} Token request should be a back-channel request and should use postman or as CURL during the POC to invoke the request. {% endhint %} {% hint style="success" %} Authorization code is one time usage value and will expire once used to obtain an access token. Expiry time will be 10 mins. {% endhint %} As success response you will receive an access token from UAE PASS as shown in below image.

Token API response

## Step 7 #### Invoke the User Info request to obtain the user details of the authenticated user. You can use following values for the POC. **User info Endpoint** = **Bearer Token** = Access token value received from access token response.

User Info Request

#### Curl Request for User Info API ``` curl --location 'https://stg-id.uaepass.ae/idshub/userinfo' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Bearer 221fb1c8-deb7-3fca-b9f6-1d18281f2929' ``` {% hint style="danger" %} User Info request should be a back-channel request and should use postman or Curl during the POC to invoke the request. {% endhint %} On success you will receive the user information of the authenticated user from UAE PASS.

User Info Response

#### You can download the postman collection for POC from below attachment. {% file src="/files/FYfu6oua8jMuy6NKYwcy" %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.uaepass.ae/quick-start-guide-uae-pass-staging-environment/conduct-a-poc-with-uae-pass-authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.