Question: how do you get CONNECT token without username/pw

[dirkbonhomme]

Hi,

We're currently trying to implement Škoda authentication to Node.js while trying to use a pure oAuth flow. It seems to work fine to get either a CONNECT token OR a TECHNICAL token but we don't see how we can get both without the user having to enter his email + password twice:

APP => Redirect to https://identity.vwgroup.io/oidc/v1/authorize with CONNECT|TECHNICAL client id => User provides email+password => Redirect to APP with code

From my understanding, you only parse the html on https://identity.vwgroup.io/oidc/v1/authorize once and only enter the email+password once to get the first token. How are you able to get the second token? Is it because of a cookie jar?

Hope you can help us figure this out. Thanks a lot!

[Farfar]

Hi!
Yes when you have logged on once (redirected to signin-service URL) and complete the login form you should have gotten session cookies that enables authorization without logon a second time.
If you look at the code there's special handling if "signin-service" string is encountered in location header URL.

[dirkbonhomme]

Thanks for the info!