Difference between revisions of "LoginTrustedDevice"
(Created page with "{{Api_Method_Spec| Description=This method can be used by Trusted Devices to generate a token. The generated Token will carry all the information regarding the device, user, etc....") |
(No difference)
|
Revision as of 14:58, 2 June 2014
Description
This method can be used by Trusted Devices to generate a token. The generated Token will carry all the information regarding the device, user, etc. and is required to consume most of the methods of UNIAPI with specific user context. The token generated is valid during the next 24 hours (configurable in GVP).
The logged token can be easily identified because it starts with the chars: AU_
This method will verify that the Device(deviceType/deviceId) provided is linked to the current user as TrustedDevice, and it will verify that the Device is enabled.
The UNIAPI will only allow users in Active status to login (excluded and suspended users will return an exception). For users in AwaitingEmailConfirmation status, it depends on a flag configured at instance level (GVP_INSTANCES.AllowLoginBeforeEmailConfirmationFlag):
- If AllowLoginBeforeEmailConfirmationFlag = true, if the user tries to login in AwaitingEmailConfirmation status, the login will be allowed and the user status will be changed to Active status.
- If AllowLoginBeforeEmailConfirmationFlag = false, then UserNotYetActivatedException is thrown.
TODO: link with enumeration.
Geo-Location
This method applies GeoLocation restriction. It extracts the IP address from the request and retrieves the Country of the IP from the MaxMind Database. Then, it verifies if the Country from where the request was generated is linked to the instance (GVP_INSTANCES). If not, UserTryingToRoamingException exception is thrown.
The user can be marked as Geoblocking whitelist (inside User Profile, GVP_USERS). In this case, the Geoblocking is not applied for this user.
BI
This method creates an entry in GVP_LogLogin collection (even if the login was successful or not)
Parameters
- deviceType (int, required)
- The device type code (see #DeviceTypeCodes enumeration to know the list of device types allowed)
- deviceId (string, required)
- Device ID that uniquely identifies the device. This is usually a device factory identifier. In order to login with a device as TrustedDevice, the user needs to previously register the device as trusted device (using Registration Service methods).
- instanceId (int, required)
- The id of the instance (OB) for the current environment. This ID might vary depending on the environment.
Returns
Returns a JSON object containing the generated token and its expiration time (in UnixTimestamp format).
Example:
{
- Login Object
}
Exceptions
- InvalidInstanceForUserException
- InvalidDeviceIdException
- UserDeviceDisabledException
- UserTryingToRoamingException
- InvalidUserException
- UserNotYetActivatedException
- SuspendedUserException
- ExcludedUserException
Caching
This method is not cached.
Known issues
None
Version history
API Version Number | Change description | Changes author |
---|---|---|
1.0 | Initial method design | Harley Cabral |
2.1 | Added AllowLoginBeforeEmailConfirmationFlag business logic. | Harley Cabral |
See also
- RegisterTrustedDevice method
- Authentication Service methods