Now that you have an access token, you can use it to authenticate the following Hosted Login configuration calls for creating a v2 login policy.
Unlike the previous /login/token call, which required Basic Authorization with an ID and secret, these calls require Bearer Token Authorization with the access token you just provisioned. This token lasts one hour - when it expires, you can go back and provision a new one.
Call the /config/clients/<janrainOidcClientId> endpoint with GET method to obtain your existing Login Policy identifier.
curl -X GET \
https://v1.api.REGION.janrain.com/CUSTOMER_ID/config/clients/OIDC_CLIENT_ID \
-H 'Authorization: Bearer ACCESS_TOKEN'
Enter the loginPolicy value from your call’s response below.
1ab23c45-6789-0123-d4ef-5g678h90ijk1
Call the /config/loginPolicies/<loginPolicy> endpoint with GET method to get your existing Login Policy configuration. This configuration includes your loginURL.
curl -X GET \
https://v1.api.REGION.janrain.com/CUSTOMER_ID/config/loginPolicies/LOGIN_POLICY \
-H 'Authorization: Bearer ACCESS_TOKEN'
In the response to this call, does your loginURL already include the v2 indicator? Like this:
"loginURL": "https://v1.api.us.janrain.com/e0a70b4f-1eef-4856-bcdb-f050fee66aae/auth-ui/v2/login",
If so, STOP HERE! You’re already using Hosted Login v2 for this login policy and all clients associated with it. You may want to:
Copy the full JSON object from the response and paste it into the text box below.
Then make the following 3 changes:
loginURL for Hosted Login v2: Change .../auth-ui/login to .../auth-ui/v2/loginid parametertitle to differentiate your new login policy from the existing one. Example: “title”: “My Login Policy v2"{
"identityStoreDetails": {
"type": "janrainCapture",
"connectionDetails": {
"domain": "eu-dev.janraincapture.com",
"applicationId": "a1bcde2fg3h456ijk7l8mnop9q",
"entityType": "user",
"clientId": "abcdefghijkl1mn2o3pqrstuvw4x5yza",
"clientSecret": "abc12de3fghijklmnop456qr7st89uvw"
}
},
"loginURL": "https://v1.api.eu.janrain.com/a12bc34d-567e-8f90-gh12-3i45jk678lm9/auth-ui/v2/login",
"title": "My Login Policy v2"
}
Tip! The _links property is not configurable and can be safely removed from the JSON for simplicity, as in the example above.
To create the new v2 login policy, call the /config/loginPolicies endpoint with the POST method, passing the full, updated JSON object in the body of the call.
curl -X POST \
https://v1.api.REGION.janrain.com/CUSTOMER_ID/config/loginPolicies \
-H 'Authorization: Bearer ACCESS_TOKEN' \
-H 'Content-Type: application/json' \
-d 'MY V2 LOGIN POLICY'
403 Forbidden, this is probably due to an expired access token. You can provision a new one and try again."title" value in your login policy for apostrophes (example: "title": "Wayne's World Login Policy v2"). If there is an apostrophe in the "title" value, remove it before importing the call. Then you can add it back in the Body tab of the call after you’ve imported it.Enter the value from your call’s response below (without the quotes). This is the identifier for your new login policy. We’ll use this in the next step.
2bc34d56-7890-1234-e5fg-6h789i01jkl2