FAST LOGIN API
About Fast Login API
Fast Login is basically an extended type of Outh 2.0
https://tools.ietf.org/html/rfc6749
but it differentiates a bit from RFC 6749 which you can find in: https://github.com/GSMA-OneAPI/Mobile-Connect/tree/master/specifications
- Service Provider calls 3 end-points to achieve Fast Login Login
- authentication
- authenticate user via GSM number
- produce authentication-code
- client2server
- directly opened Fast Login authentication url via web browser
- token
- authenticate Service Provider with client/secret and authentication code
- consumes authentication-code and produce token
- server2server
- IP restricted on Fast Login
- You should provide your server dns info to access it
- userInfo
- gives user attributes
- PCR (Pseudonymous Customer Reference):
- The PCR is a unique id that always represents a specific user
- public profile: always share with Service Provider
- Service Provider has to use PCR to relate Fast Login and its own Subcription System.
- phone_number
- e-mail (verified or unverified)
- name and family name
- Service Provider must provide a service to get authentication codes after called authentication end-point called "redirect uri"
- "redirect uri" called by client browser by http redirect (http 302)
- after authentication done Fast Login redirects the client browser to Service Provider redirect uri
- Fast Login endpoints start with:
- You can find more details on GSMA Mobile Connect Developer Portal:
https://developer.mobileconnect.io/mobile-connect-api
1.1 Fast Login info and extra documents on GSMA
Service Providers can get the required integration (for Discovery API platform & Turkcell Fast Login platform) documents from the below link (CPAS05 doc.);
https://github.com/GSMA-OneAPI/Mobile-Connect/tree/master/specifications