FAST LOGIN API
User Info Endpoint
This is the basic API that provides the user's basic profile in JSON Object. "access_token" is required to access to this API. The access_token is retrieved from the Token EndPoint Response
You can click the file below to
download the Token and UserInfo Endpoint Postman Project:
Token and UserInfo Endpoint Postman Project
Request
Userinfo End Point URL: https://hizligiris.com.tr/hizligiris/userinfo
http method: GET
Header Mandatory Parameters
| URI Parameter | Description |
| *Authorization | Bearer access_token Type: String |
| *Content-Type | Describe the format of the "GET" data that
is being sent across. Always set to
"application/x-www-form-urlencoded" Type: String |
Response
Mandatory Parameters
| URI Parameter | Description |
| *sub | PCR stands for "Pseudonymous Customer
Reference". This is a unique identifier that Fast Login uses to
reference an end user Type: String |
| *updated_at | Time at which the user's profile data was
last updated. Its represented as the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time Type: Number |
Optional Parameters
| URI Parameter | Description |
| *phone_number | If user gives consent to share Type: String |
| *phone_number_verified | TRUE if the phone number is verified,
FALSE otherwise It is expected always TRUE if user gives consent Type: Boolean |
| *name | First name and middle name if exists Type: String |
| *family_name | surname Type: String |
| Type: String |
|
| *email_verified | TRUE if the email address is verified,
FALSE otherwise Type: Boolean |
Service Provider must use
PCR to manage subscription management
- GSM Number may change, deactivated or transfered to another subscriber
- For these reasons Service Provider must use PCR number to make relation between Fast Login and its own Subscriber System.
- PCR may change whereas phone number stays the same means there is a new subscription, in this case Service Provider must start with a new subscription flow.
Sample UserInfo Request via using Postman
| Key | Value |
| *Content-Type | application/x-www-form-urlencoded |
| *Accept | application/json |
| *Access-Control-Allow-Origin | mobcon.turkcell.com.tr |
| *Authorization | Bearer eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE1NDg3NDcwMTMsImF1ZCI6ImNsaWVudCIsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9tb2JpbGVjb25uZWN0XC8iLCJqdGkiOiJkNzQ0NTE2OC1hYjE3LTRjZDEtOGQ4NS1hNDM0OTRjNDRhNWYiLCJpYXQiOjE1NDg3NDY4OTN9.ckQZBwbPEpljlhxf6g5BshIwM3bsLdbSrp9XI_Ir8W0YXYtha3dLHSz6PjFKfE1Fx2oAk7_cejhbOEOUVb8niCG3nmlXd3JFS2YIdC8x36E_oWHaudDRnevMfZf6xrkhXaGz9q_NsfuxOsq4Q0mZuNKTTelG3NbprNOaLiHTY18 |
Notes:
Authorization:
- The access_token which you received in the Token EndPoint Response, should be put in the Authorization parameter of the UserInfo Endpoint Request message which is highlighted above
Sample UserInfo Request Response
|
1
2
3
4
5
6
|
{ "sub": "73e9bf5d-64b6-4011-82b7-e44c0cc10391", "updated_at": "1548229567981", "phone_number": "5322XXXXXX", "phone_number_verified": "true", } |
Notes:
phone_number:
- The international phone number will return in +(CountryCode)(AreaCode)(PhoneNumber) format (e.g.+31XXXXXXXX)
- The domestic phone number will return in plain (PhoneNumber) format (e.g.532XXXXXXX)
- REGEX values for GSM No are as follows "^\\+?0?[0-9]{10,18}$"