UAE PASS
  • UAE PASS
  • Overview
  • Getting Onboarded with UAE PASS
    • Onboarding Process for UAE PASS Service Providers
      • Initiation Phase
      • Development Phase
      • Assessment Phase
      • Go live Phase
  • Quick Start Guide - UAE PASS Staging Environment
    • User Account Types
    • Create Staging UAE PASS Account
    • Upgrade Staging UAE PASS Account
    • Testing Credentials for POC
    • Conduct a POC with UAE PASS Authentication
  • Feature Guides
    • Authentication
      • Web Integration
        • Introduction
        • Pre-Requisites
        • Endpoints
        • 1. Authorization Code
        • 2. Access Token
        • 3. User Information
        • 4. Logout
        • Login Button
        • Authentication Postman Walkthrough
      • Mobile Integration
        • Introduction
        • Pre-Requisites
        • Requirements
        • Guide
          • SDK
          • API
        • SDK Integration
      • Token Validation API
        • Introduction
        • Pre-Requistes
        • Endpoints
        • Integration Steps
          • 1. Verify access token API using Basic Authentication
          • 2. Obtaining Authenticated User Information from the Access Token
        • Validation Decisions
      • User Linking
        • Automatic Linking
        • Manual Linking
        • Corporate Account
    • Digital Signature
      • Digital Signature (Single Document)
        • Signing Guide
          • Endpoints
          • Document Signing Steps
            • 1. Token
            • 2. Create Signer Process
            • 3. Sign Document
            • 4. Obtaining Document
            • 5. LTV Configuration
              • Integration Web Services
              • Postman Collection for LTV
            • 6. Deleting Document
          • Document Signature verification Process
          • Postman Collection for Digital Signature
            • Digital Signature Postman Walkthrough
        • Verification API Integration
          • Web Service Details
          • Postman Collection for Signature Verification API
      • Digital Signature (Multiple Document)
        • Signing Guide
          • Endpoints
          • Document Signing Steps
            • 1. Token
            • 2.Create Documents
            • 3. Create Signer Process
            • 4. Sign Document
            • 5. Obtaining Document
            • 6. LTV Configuration
              • Integration Web Services
              • Postman Collection for LTV
            • 7. Deleting Document
          • Document Signature verification Process
          • Postman Collection for Multiple Document Signing.
    • e-Seal
      • Introduction
      • DESC Process for Dubai Entities
        • Process overview
        • Detailed DESC process description
      • ICA Process for Non-Dubai Entities
        • Onboarding Process
        • Obtaining Credentials and Certificates
      • Integration Web Service
        • PAdES eSeal Signing
        • CAdES eSeal Signing
        • eSeal verification
        • eSeal error codes
      • Postman Collection
    • Hash Signing
      • Introduction
      • Hash Signing (Single Document)
        • Hash Signing (Java SDK Set Up)
          • Quick Setup
          • Hash Signing Process
            • 1. Start the Process
            • 2. Initiate Signing Process
            • 3. Sign PDF Document
          • Endpoints
          • Postman Collection
          • Utility Files
      • Bulk Hash Signing (Multiple Documents)
        • Quick Setup
        • Hash Signing Process
          • 1. Start Signing Process
          • 2. Initiate Signing Process
          • 3. Sign PDF Document
        • Endpoints
        • Postman Collection
  • Web Registration
    • Introduction
    • Steps to create account
    • Endpoints
      • 1. Access Code
      • 2. Access Token
      • 3. User Information
  • Facial Biometric Transactions Confirmation
    • Web Integration
      • Endpoints
      • Integration Steps
        • Obtain Authorization Code
        • Obtain Access Token
        • Obtain User Info
        • Log out User
    • Mobile Integration
      • Mobile Integration Guidelines
  • Guidelines
    • Use-Case Guidelines
      • Standard Authentication Scenarios for Service Provider Use Cases
      • Standard Digital Signature Scenarios for Service Provider Use Cases
      • Standard Implementation Guidelines
    • Design Guidelines
      • UAEPASS Button Guideline
      • Text Message Guidelines
  • Resources
    • Attributes List
    • Sample Apps
    • Staging Apps
    • Assets
  • FAQ
    • Common Integration Issues
  • Versioning
Powered by GitBook
On this page
  • Step 1
  • Step 2
  • Step 3
  • Step 4
  • Step 5
  • Step 6
  • Step 7

Was this helpful?

  1. Quick Start Guide - UAE PASS Staging Environment

Conduct a POC with UAE PASS Authentication

The following content provides you a step-by-step guide on conducting a simple POC with UAE PASS Authentication Feature using Postman.

Step 1

Set up Staging UAE PASS Account

Before you begin you must set up a UAE PASS staging account following the steps given in https://docs.uaepass.ae/start-test-environment-implementation/create-uaepass-user.

The account can be either basic or verified. UAE PASS Authentication feature will support SOP1, SOP2 and SOP3 user account types.

Step 2

Invoke the Authorization Request.

You can use following parameter values for POC purpose.

Authorize Endpoint= https://stg-id.uaepass.ae/idshub/authorize

Client_id= sandbox_stage

Scope = urn:uae:digitalid:profile:general

Redirect_uri= For this POC we are using https://localhost:8000.

acr_values= urn:safelayer:tws:policies:authentication:level:low

Sample Request

https://stg-id.uaepass.ae/idshub/authorize?response_type=code&client_id=sandbox_stage&scope=urn:uae:digitalid:profile:general&state=HnlHOJTkTb66Y5H&redirect_uri=https://localhost:8000&acr_values=urn:safelayer:tws:policies:authentication:level:low

Authorization request should be invoked in browser to obtain user authorization.

Once authorization request is invoked user will get the UAE PASS login page to authorize as follows.

Step 3

Enter the identifier of UAE PASS staging account (Email or Mobile or EID) and click on Login.

Once you click on Login button you will receive the UAE PASS authentication notification request to the UAE PASS Staging mobile app and a notification request with a specific code in the browser.

Step 4

Select the correct code and confirm the notification request.

Step 5

Obtain Authorization Code

Once the user accepts the notification request, UAE PASS will issue the authorization code in the response header as shown in below example.

Sample Response

https://localhost:8080/code-bbc69-344553dc-3445fdscc-HnfgmsfsjjH

Step 6

Invoke the Access Token Request to obtain the access token.

You can use following values for the POC.

Token End point = https://stg-id.uaepass.ae/idshub/token

grant_type = authorization_code

redirect_uri = Redirect URL value used in the authorization request (Step 2).

code = Authorization code received in authorization response.

Authorization Header = Base64 encoded (client_ID : client_Secret)

Curl Request for Token API

curl --location --request POST 'https://stg-id.uaepass.ae/idshub/token?grant_type=authorization_code&redirect_uri=https%3A%2F%2Flocalhost%3A8080&code=bbc69c3b-561b-3cc6-a590-16a2bb8448ed' \
--header 'Authorization: Basic c2FuZGJveF9zdGFnZTpzYW5kYm94X3N0YWdl'

Token request should be a back-channel request and should use postman or as CURL during the POC to invoke the request.

Authorization code is one time usage value and will expire once used to obtain an access token. Expiry time will be 10 mins.

As success response you will receive an access token from UAE PASS as shown in below image.

Step 7

Invoke the User Info request to obtain the user details of the authenticated user.

You can use following values for the POC.

User info Endpoint = https://stg-id.uaepass.ae/idshub/userinfo

Bearer Token = Access token value received from access token response.

Curl Request for User Info API

curl --location 'https://stg-id.uaepass.ae/idshub/userinfo' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer 221fb1c8-deb7-3fca-b9f6-1d18281f2929'

User Info request should be a back-channel request and should use postman or Curl during the POC to invoke the request.

On success you will receive the user information of the authenticated user from UAE PASS.

You can download the postman collection for POC from below attachment.

PreviousTesting Credentials for POCNextAuthentication

Last updated 2 months ago

Was this helpful?

2KB
Authentication APIs Postman Collection V2.postman_collection.json
UAE PASS Login Page
Enter Identifier and Click Login
Match the Code with Notification Request in Mobile
Mobile notification Screen
Authorization Response
Token API request Parameters
Token API Authorization Header
Token API response
User Info Request
User Info Response