leafleafleafMan illustration
Updated on July 3, 2023

Docly

How to get a security token ?

Estimated reading: 3 minutes

VG Identity Server offers several ways to get security token.

First, you need to declare a platform authentication in your VG Application

How to do an authentication request ?

First, your application needs to create http/s POST request to get the bearer token.

Authenticate with VG User
Authenticate with Windows by Credentials
Authenticate with Database
Authenticate with PasswordLess
MFA Authentication

Authentication request details

Post VariableDescriptionValue
client_idWhat Platform is used to authenticate the user
The name is <application id>_<Platform mode>
Like ADCC6B64-8577-4993-B934-77B9A5BA157B_Native
scopeScope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. An application can request one or more scopes, this information is then presented to the user in the consent screen, and the access token issued to the application will be limited to the scopes granted.

The OAuth spec allows the authorization server or user to modify the scopes granted to the application compared to what is requested, although there are not many examples of services doing this in practice.
OAuth does not define any particular values for scopes, since it is highly dependent on the service’s internal architecture and needs.		openid
profile
VGActivityDate
VGApplications
VGDeveloper
VGIsApproved
VGIslocked
VGPermissions
VGProfile
VGRoles
VGToken
IdentityServerAPI
offline_access
client_secretYou need to use one secret of your VGIdentityServerClient
grant_typeDefine the type of authentification controllerVGAuthenticator
VGAuthenticationModuleDefine the type of authenticationVGUser
WindowsByCredential
Passwordless
UsernameThis variable is used for the account type:
Visual-Guard, Windows by credentials, etc..
PasswordThis variable is used when the account has password

Response of authentication

Examples of Identity Server responses

  • acccess_token is your secure token
  • expires_in is duration of the token
  • token_type is always Bearer Token
  • scope define what this token have access
  • VGReponse is the response of VGSecurityRuntime
    • AuthenticationState is the status of the authentication
    • AuthorizationState is the state of your current request
    • Error is set if VGSecurityRuntime get an error
    • VGToken is your internal security token
{
    "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IkY2QkNGMDk2NDQ5ODgyNjU5QkNCNjQ4NTcyNzNFNDVCM0JFNTQxRjciLCJ0eXAiOiJKV1QiLCJ4NXQiOiI5cnp3bGtTWWdtV2J5MlNGY25Qa1d6dmxRZmMifQ.eyJuYmYiOjE2NzAzMjQ0NjgsImV4cCI6MTY3MDMyNjI2OCwiaXNzIjoiaHR0cHM6Ly92aXN1YWxndWFyZC1pZGVudGl0eXNlcnZlci5jb20iLCJhdWQiOlsiaHR0cHM6Ly92aXN1YWxndWFyZC1pZGVudGl0eXNlcnZlci5jb20vcmVzb3VyY2VzIiwiSWRlbnRpdHlTZXJ2ZXJBcGkiXSwiY2xpZW50X2lkIjoiNzUwM2UxZWEtMjEyYS00OTAzLWFiYjYtOTM3MDIyMTRmYTg3X05hdGl2ZSIsInN1YiI6ImFkbWluIiwiYXV0aF90aW1lIjoxNjcwMzI0NDY3LCJpZHAiOiJWaXN1YWxHdWFyZCIsInZnSWRlbnRpdHlQcm92aWRlck5hbWUiOiJWaXN1YWxHdWFyZCIsInZnVG9rZW4iOiJFRjRFQ0MwODdBRTdGNTZDNEU2RTY2RTI0NzgyMDc5NjM1RjhBODA1RTY1NjVDRkRFRDgwOEY4OTAyNTU5QkQ4RjZGOTVDMjA3RkZDNjkwNjk1ODM1Rjk2MDYyMjAxRjNEMDJCRTA5Qzk4MUQ1NTE2OTEzNEFEMUE3MEMwRkRCMSIsInZnVXNlcklkIjoiYWRtaW4iLCJzY29wZSI6WyJvcGVuaWQiLCJwcm9maWxlIiwiVkdBY3Rpdml0eURhdGUiLCJWR0FwcGxpY2F0aW9ucyIsIlZHRGV2ZWxvcGVyIiwiVkdJc0FwcHJvdmVkIiwiVkdJc0xvY2tlZCIsIlZHUGVybWlzc2lvbnMiLCJWR1Byb2ZpbGUiLCJWR1JvbGVzIiwiVkdUb2tlbiIsIklkZW50aXR5U2VydmVyQXBpIl0sImFtciI6WyJWaXN1YWxHdWFyZCJdfQ.M7xNU2xKihbmmGdO5F2TEmkEBJKBLlSm1LQt8Lc6f4CmBu3bo6SnYdlHPRjiU-YrS7bZIf_vxpD9J4TG2fQAO4Zh-g5FwquRpqGYgDufbIBdD_vyhouDTK1SwIH8xSmuFh3MKmFf34WMGXxf4PrZpoFDfA95k6iGLaC9_Va5TMJ9Sj8BVxte2NZZ9SOTzcwXMMiOsg68ohJuFxw8TJLL2A2XFu0Cgy09vgEMusp2p84Nim0Lb675BrPq-etBHmf8CzTGDooSp_Mi6SjBtIEsXoPUN23rHjql3CKR5Ai_QYub3w4hESWbg-kM-SxeVkKMFF0VFhcBnd-nUmEcdQhslg",
    "expires_in": 1800,
    "token_type": "Bearer",
    "scope": "IdentityServerApi openid profile VGActivityDate VGApplications VGDeveloper VGIsApproved VGIsLocked VGPermissions VGProfile VGRoles VGToken",
    "VGResponse": {
        "AuthenticationState": {
            "Status": 2048,
            "IsFailed": false,
            "IsNotApproved": false,
            "IsCanceled": false,
            "IsCredentialInvalid": false,
            "IsUserNotAuthorized": false,
            "IsUserAccountExpired": false,
            "IsUserAccountNotYetAvailable": false,
            "IsUserAccountDisabled": false,
            "IsUserAccountLocked": false,
            "IsLastBadLogin": false,
            "IsLastGraceLogon": false,
            "IsPasswordExpired": false,
            "IsPasswordSecure": true,
            "IsUserAccountLockedOut": false,
            "IsUserAccountWillBeLockedOut": false,
            "MustChangePasswordAtNextLogon": false,
            "IsMFAWaitingUserAction": false,
            "IsMFATimeOut": false,
            "HasUserAccountMissingEmail": false,
            "HasUserAccountMissingMobilePhone": false
        },
        "AuthorizationState": {
            "Status": 16,
            "IsFailed": false,
            "IsCanceled": false,
            "IsUserNotFound": false,
            "IsUserNotAuthorized": false,
            "IsVersionNotCompatible": false
        },
        "Error": {
            "Message": "",
            "StackTrace": ""
        },
        "AuthorizationStatus": "Success",
        "AuthenticationStatus": "Success",
        "VGToken": "EF4ECC087AE7F56C4E6E66E24782079635F8A805E6565CFDED808F8902559BD8F6F95C207FFC690695835F96062201F3D02BE09C981D55169134AD1A70C0FDB1"
    }
}

Articles

Share this Doc
CONTENTS

Powered By Visual-Guard