{"componentChunkName":"component---src-pages-author-author-yaml-id-js","path":"/author/indrasen-kumar/","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"id":"df511249-12dd-584f-8b40-3a1e682951ad","html":"<h1 id=\"getting-started-with-oauth-20\" style=\"position:relative;\"><a href=\"#getting-started-with-oauth-20\" aria-label=\"getting started with oauth 20 permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Getting Started with OAuth 2.0</h1>\n<p>OAuth has been a jargon for quite some time now and it is difficult for a beginner to learn it, not because OAuth is hard, but because of the confusing facts found about OAuth on the web. So I wrote this article to explain why and how OAuth is used in very simple terms.</p>\n<p>Let’s start with the basics: OAuth stands for Open Authorization. It’s a process through which an application or website can access private data from another website.\nIt provides applications the ability for “secure designated access.” For example, you can tell Google that it’s OK for abc.com to access your google account or contact without having to give abc.com your google password. </p>\n<p>OAuth never share password data but instead uses authorization tokens to prove an identity between consumers and service providers. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password.</p>\n<h3 id=\"now-lets-have-a-look-at-oauth-20-terminology\" style=\"position:relative;\"><a href=\"#now-lets-have-a-look-at-oauth-20-terminology\" aria-label=\"now lets have a look at oauth 20 terminology permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Now Let’s have a look at OAuth 2.0 Terminology.</h3>\n<ul>\n<li><strong>Resource Owner:</strong> The resource owner is the user who authorizes an application to access their account. The application's access to the user's account is limited to the “scope” of the authorization granted (e.g., read or write access).</li>\n<li><strong>Client:</strong> The client is the application that’s trying to access the user's account. It needs to get permission from the user before accessing the account. For example, a client application can present the user with the login page to get an access token for access to a particular resource.</li>\n<li><strong>Authorization Server:</strong> The authorization server validates the user credentials and redirects the user back to the client with an authorization code. The client communicates with the authorization server to confirm its identity and exchanges the code for an access token.</li>\n<li><strong>Resource Server:</strong> A resource server is a server for access-protected resources. It handles authenticated requests from an app that has an access token. </li>\n<li><strong>Scope:</strong> It specifies the level of access that the application is requesting from the client.</li>\n<li><strong>Consent:</strong> The consent screen tells your users who is requesting access to their data and what kind of data you're asking to access. </li>\n</ul>\n<p>We have a pretty good understanding of OAuth 2.0 and Terminology, let’s move further and discuss the OAuth grant type that is widely used in this protocol.</p>\n<p>In total, there are five different grant type flows defined and described to perform authorizations tasks. Those are</p>\n<ul>\n<li>Authorization Code Grant</li>\n<li>Implicit Grant</li>\n<li>Resource Owner Credentials Grant</li>\n<li>Client Credentials Grant</li>\n<li>Refresh Token Grant</li>\n</ul>\n<h3 id=\"authorization-code-grant\" style=\"position:relative;\"><a href=\"#authorization-code-grant\" aria-label=\"authorization code grant permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Authorization Code Grant</h3>\n<p>The Authorization Code Grant Type is the most commonly used grant type.</p>\n<p><img src=\"/47e9006e434b8236e62cf478cf75e1ef/image4.webp\" alt=\"Authorization Code Grant\"></p>\n<p><strong>The Story:</strong> A user tries to log in on  abc.com  but he can’t remember his password and he discovers an option to sign in with google, by clicking on this, the user will easily get logged using google account.</p>\n<p><strong>Flow</strong></p>\n<p>The client redirects the user to the authorization server having the following parameters in the query string.</p>\n<p><strong>Step 1</strong></p>\n<ul>\n<li><strong>response_type</strong> having the value code</li>\n<li><strong>client_id</strong> having the client identifier</li>\n<li><strong>redirect_uri</strong> having the client redirect URI. </li>\n<li><strong>scope</strong> a space-delimited list of scopes</li>\n<li><strong>state</strong> having a random string </li>\n</ul>\n<p>After successful authentication, the user will be redirected to the Consent screen where he needs to provide consent to abc.com to access the account detail.\nAuthorization code is generated by the authorization server and sent back to the client with redirect Uri.</p>\n<p><strong>Step 2</strong>\nThe client will now send a POST request to the authorization server with the following parameters:</p>\n<ul>\n<li><strong>grant_type</strong> having the value of authorization_code</li>\n<li><strong>client_id</strong> having the client identifier</li>\n<li><strong>client_secret</strong> having the client secret</li>\n<li><strong>redirect_uri</strong> having the same redirect URI the user redirected back.</li>\n<li><strong>code</strong> having the authorization code from the query string</li>\n</ul>\n<p>In the entire flow, the access token is never exposed to a web browser.</p>\n<h3 id=\"implicit-grant\" style=\"position:relative;\"><a href=\"#implicit-grant\" aria-label=\"implicit grant permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Implicit Grant</h3>\n<p>The Implicit flow was a simplified OAuth flow previously recommended for client-side applications like JavaScript apps where the access token was returned immediately without an extra authorization code exchange step.</p>\n<p><img src=\"/14a734511c957c8301b0085584c59814/image2.webp\" alt=\"Implicit Grant\"></p>\n<p>The Story: In this flow abc.com directly get access token without an extra authorization code exchange steps and able to access resources on a resource server</p>\n<p><strong>Flow</strong></p>\n<p>The client will redirect the user to the authorization server with the following parameters in the query string:</p>\n<ul>\n<li><strong>response_type</strong> having the value token</li>\n<li><strong>client_id</strong> having the client identifier</li>\n<li><strong>redirect_uri</strong> having the client redirect URI. </li>\n<li><strong>scope</strong> a space-delimited list of scopes</li>\n<li><strong>state</strong> having the random string</li>\n</ul>\n<p>It is not recommended to use the implicit flow (and some servers prohibit this flow entirely) due to the inherent risks of returning access tokens in an HTTP redirect without any confirmation that it has been received by the client.</p>\n<h3 id=\"resource-owner-credentials-grant\" style=\"position:relative;\"><a href=\"#resource-owner-credentials-grant\" aria-label=\"resource owner credentials grant permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Resource Owner Credentials Grant</h3>\n<p>The resource owner password credentials grant type is suitable in cases where the resource owner has a trust relationship with the client, such as a highly privileged application. The authorization server should take special care when enabling this grant type and only allow it when other flows are not viable.</p>\n<p>This grant type is suitable for clients capable of obtaining the resource owner’s credentials (username and password, typically using an interactive form). It is also used to migrate existing clients using direct authentication schemes such as HTTP Basic or Digest authentication to OAuth by converting the stored credentials to an access token.</p>\n<p><strong>Flow</strong></p>\n<p>The client will ask the user for their authorization credentials (usually a username and password).\nThe client then sends a POST request with following body parameters to the authorization server:</p>\n<ul>\n<li><strong>grant_type</strong> having the value password</li>\n<li><strong>client_id</strong> having the client’s ID</li>\n<li><strong>client_secret</strong> having the client’s secret</li>\n<li><strong>scope</strong> having a space-delimited list of requested scope permissions.</li>\n<li><strong>username</strong> having  a user’s username</li>\n<li><strong>password</strong> having a user’s password</li>\n</ul>\n<h3 id=\"client-credentials-grant\" style=\"position:relative;\"><a href=\"#client-credentials-grant\" aria-label=\"client credentials grant permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Client Credentials Grant</h3>\n<p>Using this flow the client can request an access token using only its client credentials (or other supported means of authentication).</p>\n<p><img src=\"/ea2d4e2857578a4ac594bac0213a684c/image3.webp\" alt=\"Client Credentials Grant\"></p>\n<p><strong>The Story:</strong> The client application presents its client credentials (client identifier and client secret) to the authorization server requesting approval to access the protected resource (owned by the client application) on the resource server.\nThe authorization server authenticates the client credential and issues an access token.</p>\n<p><strong>Flow</strong></p>\n<p>The client sends a POST request with following body parameters to the authorization server:</p>\n<ul>\n<li><strong>grant_type</strong> having the value client_credentials</li>\n<li><strong>client_id</strong> having the client’s ID</li>\n<li><strong>client_secret</strong> having the client’s secret</li>\n<li><strong>scope</strong> having a space-delimited list of requested scope permissions.</li>\n</ul>\n<h3 id=\"refresh-token-grant\" style=\"position:relative;\"><a href=\"#refresh-token-grant\" aria-label=\"refresh token grant permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Refresh Token Grant</h3>\n<p>Access tokens eventually expire, however, some grants respond with a refresh token which enables the client to refresh the access token.</p>\n<p><strong>Flow</strong></p>\n<p>The client sends a POST request with following body parameters to the authorization server:</p>\n<ul>\n<li><strong>grant_type</strong> having the value refresh_token</li>\n<li><strong>refresh_token</strong> having the refresh token</li>\n<li><strong>client_id</strong> having the client’s ID</li>\n<li><strong>client_secret</strong> having the client’s secret</li>\n<li><strong>scope</strong> having a space-delimited list of requested scope permissions. </li>\n</ul>\n<h2 id=\"conclusion\" style=\"position:relative;\"><a href=\"#conclusion\" aria-label=\"conclusion permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a>Conclusion</h2>\n<p>I hope you got an idea of how OAuth works and why it is needed. Now it’s time for you to go explore, find out more about the OAuth flow and implement it into your application.\nGood Luck and have fun! Thank you for following this article and hope it helped you! Please do buzz me if you want any help: indrasen.kumar@loginradius.com</p>\n<style class=\"grvsc-styles\">\n  .grvsc-container {\n    overflow: auto;\n    -webkit-overflow-scrolling: touch;\n    padding-top: 1rem;\n    padding-top: var(--grvsc-padding-top, var(--grvsc-padding-v, 1rem));\n    padding-bottom: 1rem;\n    padding-bottom: var(--grvsc-padding-bottom, var(--grvsc-padding-v, 1rem));\n    border-radius: 8px;\n    border-radius: var(--grvsc-border-radius, 8px);\n    font-feature-settings: normal;\n  }\n  \n  .grvsc-code {\n    display: inline-block;\n    min-width: 100%;\n  }\n  \n  .grvsc-line {\n    display: inline-block;\n    box-sizing: border-box;\n    width: 100%;\n    padding-left: 1.5rem;\n    padding-left: var(--grvsc-padding-left, var(--grvsc-padding-h, 1.5rem));\n    padding-right: 1.5rem;\n    padding-right: var(--grvsc-padding-right, var(--grvsc-padding-h, 1.5rem));\n  }\n  \n  .grvsc-line-highlighted {\n    background-color: var(--grvsc-line-highlighted-background-color, transparent);\n    box-shadow: inset var(--grvsc-line-highlighted-border-width, 4px) 0 0 0 var(--grvsc-line-highlighted-border-color, transparent);\n  }\n  \n</style>","frontmatter":{"title":"Getting Started with OAuth 2.0","author":{"id":"Indrasen Kumar","github":"indrasen715","avatar":null},"date":"August 24, 2020","updated_date":null,"tags":["Engineering","Oauth","Authentication"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7699115044247788,"src":"/static/2b98b97b1a199e3e7378bcf740073407/58556/oauth2.webp","srcSet":"/static/2b98b97b1a199e3e7378bcf740073407/61e93/oauth2.webp 200w,\n/static/2b98b97b1a199e3e7378bcf740073407/1f5c5/oauth2.webp 400w,\n/static/2b98b97b1a199e3e7378bcf740073407/58556/oauth2.webp 800w,\n/static/2b98b97b1a199e3e7378bcf740073407/1fb14/oauth2.webp 960w","sizes":"(max-width: 800px) 100vw, 800px"}}}},"fields":{"authorId":"Indrasen Kumar","slug":"/engineering/oauth2/"}}},{"node":{"id":"39e6473e-6eee-567a-bca2-c60ca0b6dc3f","html":"<p>We're delightfully Announcing SDK Version 10.0.0. </p>\n<p>This full-version release includes major changes with several improvements and optimizations, the details have been given below. For complete information please visit <a href=\"https://www.loginradius.com/docs/api/\">LoginRadius API documents</a>.</p>\n<h3 id=\"new-features-added\" style=\"position:relative;\"><a href=\"#new-features-added\" aria-label=\"new features added permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a><strong>New Features Added:</strong></h3>\n<ul>\n<li><strong>Added PIN Authentication feature APIs.</strong> : We have added the PIN authentication feature. By enabling this feature Customer can provide PIN code for the authorization process. For more details please refer to the <a href=\"https://www.loginradius.com/docs/api/v2/customer-identity-api/authentication/pin-authentication/overview/\">PIN Authentication Document</a>.</li>\n<li><strong>Added Consent Management feature APIs. :</strong> The Consent Management feature allows collecting consent details from the new or existing customers so that you can further use that data.</li>\n<li><strong>Added Local SOTT generation (Secured one-time token):</strong> SOTT is used for LoginRadius user registration via the authentication API or via the Javascript Interfaces. Now SOTT can be generated from the SDK. More detail on SOTT Usage can be seen <a href=\"https://www.loginradius.com/docs/api/v2/customer-identity-api/sott-usage\">here</a>.</li>\n</ul>\n<h3 id=\"improvements-and-optimizations\" style=\"position:relative;\"><a href=\"#improvements-and-optimizations\" aria-label=\"improvements and optimizations permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a><strong>Improvements and optimizations:</strong></h3>\n<ul>\n<li>Added internal parameter validations in the API function.</li>\n<li>ApiKey and ApiSecret usage redundancy removed.</li>\n<li>All LoginRadius related features need to be defined once only and SDK will handle them automatically.</li>\n<li>Improved the naming conventions of API functions for better readability.</li>\n<li>Better Error and Exception Handling for LoginRadius API Response in SDK.</li>\n<li>Completely revamped each SDK and restructured them with the latest API function names and parameters.</li>\n<li>Added detailed description to API functions and parameters for better understanding.</li>\n<li>Updated the SDK demos according to the latest SDK changes.</li>\n</ul>\n<h3 id=\"new-apis\" style=\"position:relative;\"><a href=\"#new-apis\" aria-label=\"new apis permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a><strong>New APIs:</strong></h3>\n<p>We have added new APIs in this release, that will complement the existing ones.</p>\n<ul>\n<li>Update Phone ID by UID</li>\n<li>Upsert Email</li>\n<li>Role Context profile</li>\n<li>MFA Resend OTP</li>\n<li>User Registration By Captcha</li>\n<li>Get Access Token via Linkedin Token</li>\n<li>Get Access Token By Foursquare Access Token</li>\n<li>Get Active Session By Account Id</li>\n<li>Get Active Session By Profile Id</li>\n<li>Delete User Profiles By Email</li>\n<li>Verify Multifactor OTP Authentication</li>\n<li>Verify Multifactor Password Authentication</li>\n<li>Verify Multifactor PIN Authentication</li>\n<li>Update UID</li>\n<li>MFA Re-authentication by PIN</li>\n<li>Pin Login</li>\n<li>Forgot Pin By Email</li>\n<li>Forgot Pin By UserName</li>\n<li>Reset PIN By ResetToken</li>\n<li>Reset PIN By SecurityAnswer And Email</li>\n<li>Reset PIN By SecurityAnswer And Username</li>\n<li>Reset PIN By SecurityAnswer And Phone</li>\n<li>Forgot Pin By Phone</li>\n<li>Change Pin By Token</li>\n<li>Reset PIN by Phone and OTP</li>\n<li>Reset PIN by Email and OTP</li>\n<li>Reset PIN by Username and OTP</li>\n<li>Set Pin By PinAuthToken</li>\n<li>Invalidate Pin Session Token</li>\n<li>Submit Consent By ConsentToken</li>\n<li>Get Consent Logs</li>\n<li>Submit Consent By AccessToken</li>\n<li>Verify Consent By AccessToken</li>\n<li>Update Consent Profile By AccessToken</li>\n<li>Get Consent Logs By Uid</li>\n<li>Album With Cursor</li>\n<li>Audio With Cursor</li>\n<li>Check-In With Cursor</li>\n<li>Event With Cursor</li>\n<li>Following With Cursor</li>\n<li>Group With Cursor</li>\n<li>Like With Cursor</li>\n</ul>\n<h3 id=\"removed-apis\" style=\"position:relative;\"><a href=\"#removed-apis\" aria-label=\"removed apis permalink\" class=\"anchor before\"><svg aria-hidden=\"true\" focusable=\"false\" height=\"16\" version=\"1.1\" viewBox=\"0 0 16 16\" width=\"16\"><path fill-rule=\"evenodd\" d=\"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"></path></svg></a><strong>Removed APIs:</strong></h3>\n<p>To cope up with the changes around the social platforms, we have removed some existing APIs as they are no longer supported by the social providers. Below are the details of those APIs.</p>\n<ul>\n<li><strong>GetCompanies API:</strong> This API was used to get the list of companies from social sites. we removed this API because it is not supported by the social providers</li>\n<li><strong>Getstatus API:</strong> This API was used to get the status from social sites.</li>\n</ul>\n<style class=\"grvsc-styles\">\n  .grvsc-container {\n    overflow: auto;\n    -webkit-overflow-scrolling: touch;\n    padding-top: 1rem;\n    padding-top: var(--grvsc-padding-top, var(--grvsc-padding-v, 1rem));\n    padding-bottom: 1rem;\n    padding-bottom: var(--grvsc-padding-bottom, var(--grvsc-padding-v, 1rem));\n    border-radius: 8px;\n    border-radius: var(--grvsc-border-radius, 8px);\n    font-feature-settings: normal;\n  }\n  \n  .grvsc-code {\n    display: inline-block;\n    min-width: 100%;\n  }\n  \n  .grvsc-line {\n    display: inline-block;\n    box-sizing: border-box;\n    width: 100%;\n    padding-left: 1.5rem;\n    padding-left: var(--grvsc-padding-left, var(--grvsc-padding-h, 1.5rem));\n    padding-right: 1.5rem;\n    padding-right: var(--grvsc-padding-right, var(--grvsc-padding-h, 1.5rem));\n  }\n  \n  .grvsc-line-highlighted {\n    background-color: var(--grvsc-line-highlighted-background-color, transparent);\n    box-shadow: inset var(--grvsc-line-highlighted-border-width, 4px) 0 0 0 var(--grvsc-line-highlighted-border-color, transparent);\n  }\n  \n</style>","frontmatter":{"title":"SDK Version 10.0.0","author":{"id":"Indrasen Kumar","github":"indrasen715","avatar":null},"date":"October 31, 2019","updated_date":null,"tags":["Engineering","SDK","Version"],"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.3333333333333333,"src":"/static/b5a4efdaf136c68376dc3010819e3e7e/1f5c5/SDK.webp","srcSet":"/static/b5a4efdaf136c68376dc3010819e3e7e/61e93/SDK.webp 200w,\n/static/b5a4efdaf136c68376dc3010819e3e7e/1f5c5/SDK.webp 400w","sizes":"(max-width: 400px) 100vw, 400px"}}}},"fields":{"authorId":"Indrasen Kumar","slug":"/engineering/sdk-version-10-0-0/"}}}]},"authorYaml":{"id":"Indrasen Kumar","bio":"A software engineer who continually seeks clean, elegant solutions to business challenges. My lifelong passion for technology drives me to proactively expand my horizons, constantly exploring and evaluating new languages, platforms, frameworks, tools, and best practices and applying them in my work to produce truly awesome results.","github":"indrasen715","stackoverflow":null,"linkedin":"indrasen-kumar-a1952611a","medium":"@indrasenkumar715","twitter":null,"avatar":null}},"pageContext":{"id":"Indrasen Kumar","__params":{"id":"indrasen-kumar"}}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}