POST /passwordless/start
The passwordless endpoint is in closed BETA, and should not be used unless given explicit permission.
This endpoint starts the passwordless signin flow, where users can both be created and logged in.
See also
Help us improve
Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave us a comment.
Request
POST /api/2/passwordless/start
connection | requiredEither "sms" or "email" depending on what kind of passwordless auth is required |
---|---|
phoneNumber | optionalPhone number if doing SMS auth |
optionalEmail address if doing email auth | |
locale | optionalLocale with which to send the message |
Example request
curl
Minimal example
curl https://login.schibsted.com/api/2/passwordless/start \
-X POST \
-d "connection=sms"
With all parameters
curl https://login.schibsted.com/api/2/passwordless/start \
-X POST \
-d "connection=sms" \
-d "phoneNumber=+46701111111" \
-d "email=johnd@example.com" \
-d "locale=nb_NO"
Response
This endpoint supports the JSON response format.
Success: 200 OK
Passwordless email or SMS sent
PasswordlessToken
passwordlessToken ✓ | stringUUID to reference passwordless data |
---|
The check mark ✓ indicates that the field always contains a valid non-empty value.
Failure cases
Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.
- 400 Bad Request Missing connection
- 400 Bad Request Invalid/empty phone or email
- 401 Unauthorized You don't have administration rights for this client.
- 401 Unauthorized Your client doesn't have administration rights for this client.
- 403 Forbidden Client is not authorized to access this API endpoint. Contact Schibsted account to request access.
- 403 Forbidden Requesting IP is not whitelisted
- 403 Forbidden Token is not authorized to access this endpoint
- 404 Not Found Unknown client ID
- 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
- 420 Request Ratelimit exceeded
Comments/feedback
Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. Our team reads and responds to every question. Additionally, your experience can help others using Schibsted account, and it can help us continuously improve our documentation.