search
Ctrlk

Conduct a POC with UAE PASS Authentication

The following content provides you a step-by-step guide on conducting a simple POC with UAE PASS Authentication Feature using Postman.

hashtag
Step 1

hashtag
Set up Staging UAE PASS Account

Before you begin you must set up a UAE PASS staging account following the steps given in https://docs.uaepass.ae/start-test-environment-implementation/create-uaepass-userarrow-up-right.

circle-check

The account can be either basic or verified. UAE PASS Authentication feature will support SOP1, SOP2 and SOP3 user account types.

hashtag
Step 2

hashtag
Invoke the Authorization Request.

You can use following parameter values for POC purpose.

Authorize Endpoint= https://stg-id.uaepass.ae/idshub/authorizearrow-up-right

Client_id= sandbox_stage

Scope = urn:uae:digitalid:profile:general

Redirect_uri= For this POC we are using https://localhost:8000.

acr_values= urn:safelayer:tws:policies:authentication:level:low

hashtag
Sample Request

triangle-exclamation

Authorization request should be invoked in browser to obtain user authorization.

Once authorization request is invoked user will get the UAE PASS login page to authorize as follows.

UAE PASS Login Page

hashtag
Step 3

hashtag
Enter the identifier of UAE PASS staging account (Email or Mobile or EID) and click on Login.

Once you click on Login button you will receive the UAE PASS authentication notification request to the UAE PASS Staging mobile app and a notification request with a specific code in the browser.

Enter Identifier and Click Login

Match the Code with Notification Request in Mobile

Mobile notification Screen

hashtag
Step 4

hashtag
Select the correct code and confirm the notification request.

hashtag
Step 5

hashtag
Obtain Authorization Code

Once the user accepts the notification request, UAE PASS will issue the authorization code in the response header as shown in below example.

hashtag
Sample Response

Authorization Response

hashtag
Step 6

hashtag
Invoke the Access Token Request to obtain the access token.

You can use following values for the POC.

Token End point = https://stg-id.uaepass.ae/idshub/tokenarrow-up-right

grant_type = authorization_code

redirect_uri = Redirect URL value used in the authorization request (Step 2).

code = Authorization code received in authorization response.

Authorization Header = Base64 encoded (client_ID : client_Secret)

Token API request Parameters
Token API Authorization Header

hashtag
Curl Request for Token API

triangle-exclamation

Token request should be a back-channel request and should use postman or as CURL during the POC to invoke the request.

circle-check

Authorization code is one time usage value and will expire once used to obtain an access token. Expiry time will be 10 mins.

As success response you will receive an access token from UAE PASS as shown in below image.

Token API response

hashtag
Step 7

hashtag
Invoke the User Info request to obtain the user details of the authenticated user.

You can use following values for the POC.

User info Endpoint = https://stg-id.uaepass.ae/idshub/userinfo

Bearer Token = Access token value received from access token response.

User Info Request

hashtag
Curl Request for User Info API

triangle-exclamation

User Info request should be a back-channel request and should use postman or Curl during the POC to invoke the request.

On success you will receive the user information of the authenticated user from UAE PASS.

User Info Response

hashtag
You can download the postman collection for POC from below attachment.

file-download
2KB
Authentication APIs Postman Collection V2.postman_collection.json
arrow-up-right-from-squareOpen

PreviousTesting Credentials for POCNextAuthentication

Last updated

Was this helpful?