Verify Token API
      Back to home
      1. Support Center
      2. Safous WAAP Developer Guide
      3. Verify Token API

      Introduction to Verify Token API

      The Verify Token API is used to provide device verification. This is a process to verify that newly registered device is verified by Application Backend.

      It is done by Application Backend, and completed at Safous Web Application and API Protection (WAAP).

      Flow Diagram

      VT Diagram
      Description :

      Before doing the process, Backend application will generate a private key and share the value of public key to Safous WAAP.

      1. Client Application request verification token for registered customer and get return verify_token (in JWT format).
      2. Client Application request device verification to safous WAAP and get return OK http response of 200 that the customer has registered.

      Verify Token API – Backend Application

      This API is called by client device after device registration process at Safous WAAP, to the specified URL at Application Backend. The objective of Verify Token API if to provide a verification by Application Backend that the registered device at Safous that calls this API is used by the User's Application. By verifying the device request, the Application Backend returns a token (Verify Token) that identifies the application user.

      This API provided by Application Backend, or can be provided a 3rd party that is trusted by Application owner.

      Request

      URL

      https://example.xxx.xxxx.safous.com/api/devices/verify

      Method

      GET

      Content-Type

      application/json

      Body

      {"device_id": "xxxxxxxxxxxxxxxx"}

       

      Description

      device_id

      device_id or Session id

       

       

       

       

       

      Response

      Body

      {"verify_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwODUzNTM1MzUzNTMiLCJuYW1lIjoieXVkaGEgc2l0dW1vcmFuZyIsImlhdCI6MTUxNjIzOTAyMn0.tHptXTxwg85Y-DkN0H8VRZ-mK_FBi7L6HNtwgm6ekPk",

      "token_type":"Bearer",

      "expires_in":"60"}

       

      Description

      Verify_token

      Verification user for safous WAAP in format JWT

      token_type

      Token type

      expires_in

      Expired verify_token (in second)

       

       

       

       

      Verify Token API – Safous WAAP

      This API is called by client device after receiving Verify Token from Application Backend.

      When Safous WAAP receives this request, it verifies the validity of this token and updates the policy linked to the client device which then enables it to connect to separate URL setup to access Application Backend's APIs.