Client-directed login operation

 

Requests an authentication token from Microsoft Azure Mobile Services by using an identity token already obtained from an identity provider. The returned token is used to make subsequent authenticated requests to the mobile service. The token presented to Mobile Services for authentication must be obtained by the client independent of Mobile Services, usually by using the providers SDK, such as the Facebook SDK for iOS. Use client-initiated authentication when your app obtains an identity token to enable single sign-on or get additional user information using the provider SDK. If your app doesn’t need to interact directly with the identity provider, you can instead use the Service-directed login operation. For more general information, see Logging in with Google, Microsoft and Facebook SDKs to Azure Mobile Services

Request

The request may be specified as follows. Replace <service_name> with your mobile service name and <provider> with the identity provider.

HTTP Verb

Request URI

HTTP Version

POST

https://<service_name>.azure-mobile.net/login/<provider>

HTTP/1.1

The identity provider used for authentication can be one of the following:

Provider value

Description

JavaScript Backend Support

.Net Backend Support

facebook

Login by presenting a token obtained from Facebook.

Yes

Yes

google

Login by presenting a token obtained from Google.

Yes

Yes

microsoftaccount

Login by presenting a token obtained from Live Connect.

Yes

Yes

twitter

Login by presenting a token obtained from Twitter.

No

No

windowsazureactivedirectory

Login by presenting a token obtained from an Azure Active Directory.

No

Yes

Note

You must first configure the identity provider used for authentication with your mobile service. For more information, see Configure identity.

URI Parameters

None.

Request Headers

The following table describes the request headers.

Request Header

Required

Accept

No

Set this header to application/json.

Content-Length

Yes

The length of the request body.

Content-Type

No

Set this header to application/json.

Request Body

The request body contains a single object, expressed in JavaScript Object Notation (JSON). The object contains a single field, which depends on the identity provider:

Provider

JSON object

Microsoft Account

{
    "authenticationToken" : "<authentication_token_value>"
}

Facebook

Google

Azure Active Directory

{
    "access_token" : "<access_token_value>"
}

Response

The response includes an HTTP status code, a set of response headers, and a response body.

Status Code

A successfully operation returns status code 200 (OK).

Response Headers

The response for this operation includes the following headers. The response may also include additional standard HTTP headers. All standard headers conform to the HTTP/1.1 protocol specification.

Response Header

Description

Content-Length

The length of the response body.

Content-Type

Header set to application/json.

x-zumo-version

Indicates which version of the runtime executed the request.

Response Body

The request body contains a single JSON object with two properties. The following table describes the properties of the JSON object in the response body.

Property Name

Description

user

JSON object that contains the userId value assigned by Mobile Services to the authenticated user.

authenticationToken

A JSON web token (JWT), which is the authentication token returned by Mobile Services based on positive authentication. This token is provided in subsequent authenticated requests to the mobile service, and can be cached until expired.

The response to a request to use a Microsoft Account token contains the following JSON payload:

{
    "user": {
        "userId" : "MicrosoftAccount: <user_id>"
    },
    "authenticationToken" : "<jwt_token>" 
}

See Also

Authenticating Mobile Services requests
Azure Mobile Services REST API Reference