Token

Exchange a code for a token with the Next Identity API

📘

API reference for /token endpoint

In addition to the integration documentation in this section, refer to the API Reference for the /token endpoint for more details.

Introduction

❗️

Differences in /token usage between Next Identity Journeys and the Next Identity API

If your application is using Next Identity Journeys for your integration, do not follow the instructions below; these are intended for Next Identity API integrations.

The /token call used with an API integration differs from the token endpoint used in the Next Identity Journeys integration.

Sample API Calls

Exchange authorization code for token

This is a sample of code-for-token exchange with email via API call:

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/token \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "code": "xkh5eth948e4ej",
     "grant_type": "authorization_code",
     "redirect_uri": "https://localhost.com",
     "auth_type": "email",
     "user_id": "[email protected]"
}
'

🚧

Note for /token endpoint

There is also a parameter in the /token call that can set the legal acceptances version for the user if passed in "legal_acceptances": true. This is used when a user has signed in via API call, and the response from that call indicates the user has not accepted your current terms. We suggest you present a screen where they do accept the legal agreements prior to you submitting the /token call. Please contact your Next Reason integration consultant for more details about this use case.

Exchanging OTP for a token

The sample API call shown below would work when a user has received an OTP; for example, after initiating a forgot password PIN request.

curl --location --request POST 'https://id.eu.nextreason.com/idp/v1/account/token' \
--header 'Content-Type: application/json' \
--data-raw '
{
     "grant_type": "pin",
     "redirect_uri": "http://localhost.com",
     "code": "xkh5eth948e4ej",
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "auth_type": "sms",
     "user_id": "+15417543010"
}
'

What’s Next