Verify User Identity

Manage redirect

When the user is authenticated, it is then redirect back to the URL you provided. That URL have been taken from the default one set in the Gate preferences while setting it up. After login the the following query parameters are attached to the provided Redirect URL:

  • result - can be success if the user has been correctly identified, failed if an error occurred

  • message - OK if the result is success, the reason of the failure in case result is failed

  • ianumToken - a single-user token that you need to use to query our API and get who accessed your website

To verify the ianumToken, you can call directly our API endpoints. Find out more in the APIs Documentation section.

Verify Ianum Token

The ianum token is the token generated at the end of the login procedure and associated with the user that has completed it. It's a one time token that lasts 1 minute and it has to be burned to get the authenticated user. You'll find it inside the query string parameter ianumToken appended to the redirect URL.

This is the API call you have to make to burn it.

Verify Ianum Token

POST https://auth.{region}

Get the information about who this user is, burning the ianum Token collected in the user's redirect URL





Should be "Bearer XXXXX" where XXXXX is the token received from /oauth/token endpoint

Request Body




The token collected from the user redirect. The query parameter in the user's redirect url is ianumToken

    "verified": true,  //if the authentication was success
    "idActor": "acr_XXXXXXX",  //the idActor fo the user
    "idSubscription": "sub_XXXXXXXX",  //the idSubscription of this login
    "internalId": "123456" // this parameter is set in case of PRIVATE gates

Last updated