Identity Management

POST /devices

Requires authentication with user access token.

Endpoint used to store mobile Device Fingerprints for every user log in or sign up actions. As a result it generates device fingerprint hash based on unique device identifier, unified platform name and application name.

See also

Help us improve

Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave us a comment.

Request

POST /api/2/devices

deviceId

required

Unique ID of mobile device

platform

required

Mobile platform name (one of iPad, iPhone or Android)

applicationName

required

Name of client application

applicationVersion

optional

Version of client application

Example request

cURL
Minimal example
curl https://login.schibsted.com/api/2/devices \
   -X POST \
   -d "oauth_token=[access token]" \
   -d "deviceId=392a0a88-a1ab-4832-b092-5269c8722328" \
   -d "platform=iPhone" \
   -d "applicationName=Sample app"
With all parameters
curl https://login.schibsted.com/api/2/devices \
   -X POST \
   -d "oauth_token=[access token]" \
   -d "deviceId=392a0a88-a1ab-4832-b092-5269c8722328" \
   -d "platform=iPhone" \
   -d "applicationName=Sample app" \
   -d "applicationVersion=139.83.13"
Java
Minimal example
Map<String, String> params = new HashMap<>() {{
    put("deviceId", "392a0a88-a1ab-4832-b092-5269c8722328");,
    put("platform", "iPhone");,
    put("applicationName", "Sample app");
}};

SpidOAuthToken token = spidClient.getUserToken(code);
String responseJSON = spidClient.
    POST(token, "/devices", params).
    getResponseBody();
With all parameters
Map<String, String> params = new HashMap<>() {{
    put("deviceId", "392a0a88-a1ab-4832-b092-5269c8722328");,
    put("platform", "iPhone");,
    put("applicationName", "Sample app");,
    put("applicationVersion", "139.83.13");
}};

SpidOAuthToken token = spidClient.getUserToken(code);
String responseJSON = spidClient.
    POST(token, "/devices", params).
    getResponseBody();

This example is an excerpt, see a full example

PHP
Minimal example
<?php
$params = array(
    "deviceId" => "392a0a88-a1ab-4832-b092-5269c8722328",
    "platform" => "iPhone",
    "applicationName" => "Sample app"
);

$client->auth();
echo var_dump($client->api("/devices", "POST", $params));
With all parameters
<?php
$params = array(
    "deviceId" => "392a0a88-a1ab-4832-b092-5269c8722328",
    "platform" => "iPhone",
    "applicationName" => "Sample app",
    "applicationVersion" => "139.83.13"
);

$client->auth();
echo var_dump($client->api("/devices", "POST", $params));

This example is an excerpt, see a full example

Clojure
Minimal example
(ns example
  (:require [spid-client-clojure.core :as spid]))

(let [client (spid/create-client "[client-id]" "[secret]")
      token (spid/create-user-token client "[code]")]
  (spid/POST client token "/devices" {"deviceId" "392a0a88-a1ab-4832-b092-5269c8722328"
                                      "platform" "iPhone"
                                      "applicationName" "Sample app"}))
With all parameters
(ns example
  (:require [spid-client-clojure.core :as spid]))

(let [client (spid/create-client "[client-id]" "[secret]")
      token (spid/create-user-token client "[code]")]
  (spid/POST client token "/devices" {"deviceId" "392a0a88-a1ab-4832-b092-5269c8722328"
                                      "platform" "iPhone"
                                      "applicationName" "Sample app"
                                      "applicationVersion" "139.83.13"}))

Response

This endpoint supports the JSON response format.

Success: 201 Created

Device fingerprint created successfully

Device Fingerprint

hash

string

Generated device fingerprint hash

The check mark indicates that the field always contains a valid non-empty value.

Failure cases

Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.

  • 400 Bad Request Invalid payload data
  • 401 Unauthorized You don't have administration rights for this client.
  • 401 Unauthorized Your client doesn't have administration rights for this client.
  • 401 Unauthorized Invalid token
  • 403 Forbidden Client is not authorized to access this API endpoint. Contact SPiD to request access.
  • 403 Forbidden Requesting IP is not whitelisted
  • 403 Forbidden Unauthorised access
  • 403 Forbidden Access token rejected
  • 404 Not Found Unknown client ID
  • 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
  • 420 Request Ratelimit exceeded

Sample response

JSON
{
  "hash": "796fb583aec3115cdc4bda02e2ad2e4a25211f8871f54221ede1f4ee28b8d9ce"
}

Comments/feedback

Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. SPiD reads and responds to every question. Additionally, your experience can help others using SPiD, and it can help us continuously improve our documentation.