Service-directed login operation
Updated: June 3, 2015
Requests that Microsoft Azure Mobile Services initiate authentication using a specific identity provider. The returned token is used to make subsequent authenticated requests to the mobile service. When using service-directed login, Mobile Services initiates an OAuth flow that enables your client to login to Mobile Services by using the requested identity provider. If you have already obtained a token from an identity provider, you can instead use the Client-directed login operation.
The request may be specified as follows. Replace <service_name> with your mobile service name and <provider> with the identity provider.
The identity provider used for authentication can be one of the following:
.Net Backend Support
Requests a login by using Facebook as the identity provider.
Requests a login by using Google as the identity provider.
Requests a login by using Live Connect as the identity provider.
Requests a login by using Twitter as the identity provider.
Requests a login by using Azure Active Directory as the identity provider.
You must first configure the identity provider used for authentication with your mobile service. For more information, see Configure identity.
This request starts an OAuth flow initiated by Mobile Services.
None in the initial request.
No Mobile Services-specific request headers are required. The request may also include additional standard HTTP headers.
The response includes an HTTP status code, a set of response headers, and a response body. The exact response depends on the state in the OAuth flow.
An operation ultimately returns one of the following status codes:
Login has completed successfully. When login has completed successfully, you are returned to a URL that contains the authentication token as a JSON web token (JWT), with the following format:
This status code is returned when an authentication failure occurs. This can occur when the identity provider has not been registered with Mobile Services. For more information, see Configure identity. Check the error message in the response body for details.
During the OAuth process, the OAuth state can be determined from the <oauth_state> value in the URL, which has the following format:
The response for this operation includes the following headers. The response may also include additional standard HTTP headers. All standard headers conform to the HTTP/1.1 protocol specification.
The URL of the identity provider to which the login request was redirected. This page is displayed to allow users to login by using the specific provider.
The wams_state attribute contains the state value that is used in subsequent requests to identify the OAuth session.
Indicates which version of the runtime executed the request.