search

Login

circle-info

This page must be considered part of the iSHARE Framework

This page is considered normative and is therefore compliant with RFC 2119.

hashtag
Allow Conformance Test Tool (CTT) to login

post

The /login endpoint is required in order to pass Conformance Test Tool (CTT). The endpoint allows user to authenticate himself using username and password. After successful authentication if user grants permit to requested scopes redirection to Service Provider should happen.

Header parameters
Content-TypestringRequired

Defines request body content type. MUST be equal to application/x-www-form-urlencoded.

Example: x-www-form-urlencoded
Body
usernamestringRequired

Human user’s login name. Could be email, mobile phone number, nickname etc.

Example: username
passwordanyRequired

Human user’s password.

Example: password
Responses
chevron-right
200

Login was successful and single page application will be responsible for redirection to returnUrl parameter.

No content
post
/login
No content
circle-info

CTT is going to use a low level of assurance because passing login when 2FA is enabled would be infeasible. Production environment should be way more secure, and traditional authentication using credentials could be even disabled if there is a need to use more secure ways of logging in, like biometrics, ID card logins, etc.

circle-info

It is not mandatory to have the same parameter names because CTT supports any parameter names for credentials.

circle-info

iSHARE documentation does not cover login failures because it’s only within the Identity Providers' scope.

PreviousAuthoriseNextAccess token

Last updated