Introduction
The Interactive APIs allow end users to manage their BindID account, for example by adding new trusted devices. These endpoints are available:
- /interactive/init: used to request a BindID account action from your application.
- /interactive: used to initiate an end-user BindID interactive flow that updates the user's account. The flow is initiated using the response received from calling /interactive/init, and all pages and screens use your application's custom branding.
Base URL
The Flow Initialization API is served over HTTPS, and provided as endpoints under:
where <host-name> has the following value depending on the environment:
- Sandbox: api.bindid-sandbox.io
- Production: api.bindid.io
- Production EU: api.eu.bindid.io
Authorization
For the Flow Initialization API endpoint, authentication is performed using an OAuth2 Access Token in the Authorization request header field.
The Authorization header value should have the following form, where the tokens are replaced according to the descriptions below:
Token | Description |
---|---|
<accesstoken> | Access token associated with the request. |
<authvalue> | Base-64 encoded HMAC-SHA256 on the access token associated with the request, where the HMAC is calculated using the service provider client secret as the key (see the Java code sample below). |
This sample Java code generates the <authvalue> and constructs the Authorization header value:
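The following Java is an added example, not the BindID documentation's own sample. It computes `<authvalue>` as the table above defines it and stops there, without assembling the header. It assumes UTF-8 encoding of both strings and the standard Base64 alphabet; the class name, method name and sample values are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class BindIdAuthValue {

    // <authvalue> = Base64( HMAC-SHA256( key = client secret, message = access token ) ).
    // Assumptions: UTF-8 for both strings, standard (not URL-safe) Base64 alphabet.
    static String authValue(String accessToken, String clientSecret) throws GeneralSecurityException {
        if (accessToken == null || accessToken.isEmpty()
                || clientSecret == null || clientSecret.isEmpty()) {
            throw new IllegalArgumentException("access token and client secret are both required");
        }
        byte[] key = clientSecret.getBytes(StandardCharsets.UTF_8);
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] tag = mac.doFinal(accessToken.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(tag);
    }

    public static void main(String[] args) throws Exception {
        // Known-answer check using RFC 4231 test case 2 (key "Jefe"), which fixes
        // the HMAC-SHA256 output independently of this code.
        String encoded = authValue("what do ya want for nothing?", "Jefe");
        StringBuilder hex = new StringBuilder();
        for (byte b : Base64.getDecoder().decode(encoded)) {
            hex.append(String.format("%02x", b));
        }
        String expected = "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843";
        if (!hex.toString().equals(expected)) {
            throw new AssertionError("HMAC-SHA256 self-check failed");
        }

        // Constructed sample values, not real credentials. In a service, load the
        // client secret from a secret store and keep it out of logs.
        String accessToken = "sample-access-token";
        String clientSecret = "sample-client-secret";
        System.out.println("<authvalue> = " + authValue(accessToken, clientSecret));
    }
}
```

The client secret is the HMAC key, so the value must be computed on your backend and never in code shipped to a browser or mobile client.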
Errors
The following types of errors will be returned in case of failure.
Unauthorized
For an API call specifying an invalid access token or one that does not belong to the authenticating client ID, the response will be an HTTP 403 Forbidden response:
Others
Each API may indicate other failure responses. All APIs may also return a 500 error in case of an internal server error.