POST /signin
Requires authentication with server access token.
This endpoint generates an unique token (5 minutes of expiration time) sent to user's e-mail, that allows user to log-in to Schibsted account without providing his/hers credentials.
- Only one token per user can be active at one time.
- User doesn't have to be previously registered at Schibsted account.
You can further improve user's experience by setting context of token e-mail & confirmation page by providing a Client information.
Help us improve
Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave us a comment.
Request
POST /api/2/signin
identifier | requiredEmail of the user |
---|---|
redirectUri | requiredWhere to redirect the user after completing signin request |
remember | optionalRemember user on this device. 0 or 1, defaults to 1 which is remember |
context | optional |
Example request
curl
Minimal example
curl https://login.schibsted.com/api/2/signin \
-X POST \
-H "Authorization: Bearer [access token]" \
-d "identifier=14" \
-d "redirectUri=http://somewhere.com/else/"
With all parameters
curl https://login.schibsted.com/api/2/signin \
-X POST \
-H "Authorization: Bearer [access token]" \
-d "identifier=14" \
-d "redirectUri=http://somewhere.com/else/" \
-d "remember=1" \
-d "context=Foo bar"
Response
This endpoint supports the JSON response format.
Success: 201 Created
Created a new signin request
Failure cases
Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.
- 302 Found The email address is blocked
- 400 Bad Request Signin request could not be created
- 400 Bad Request Required identifier parameter is missing
- 400 Bad Request Required identifier parameter is invalid
- 400 Bad Request Required redirectUri parameter is missing
- 400 Bad Request Required redirectUri parameter is invalid or not matching requesting client
- 401 Unauthorized You don't have administration rights for this client.
- 401 Unauthorized Your client doesn't have administration rights for this client.
- 403 Forbidden Client is not authorized to access this API endpoint. Contact Schibsted account to request access.
- 403 Forbidden Requesting IP is not whitelisted
- 403 Forbidden Access token rejected
- 404 Not Found Unknown client ID
- 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
- 409 Conflict Signin request could not be created
- 420 Request Ratelimit exceeded
Sample response
JSON
"Signin request created and sent"
Comments/feedback
Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. Our team reads and responds to every question. Additionally, your experience can help others using Schibsted account, and it can help us continuously improve our documentation.