Automate User login when retrieving authorisation-code

[ma7ammad]

I am an app developer trying to automate the authenticatio/authorisation processes for an app that uses the Vincee API.
However, Vincere docs do not provide any support about how to achieve this as it all refers to using the browser in both docs I have found so far in :

1. https://api.vincere.io/#section/Step-by-Step-Vincere-API-Authentication-Process : "Upon successful login by the Vincere user they will be forwarded to your callback url ": "successful login" can only be carried out on the browser as I could find so far. Please advise if I am wrong?
2. https://github.com/vincere-io/vincere-identity : "The /oauth2/authorize endpoint only supports HTTPS GET. The user pool client typically makes this request through the system browser. This step would return you authorization code"

I am struggling to get this working in a reliable way. there is a way suggested by other developers who are facing the same issue in "vincere-io/vincere-identity#9" however, they advised it is a hack and should not be used in production.

Would you please advise how the authorisatio-code could be retrieved without browser or user interaction?

[mrbkiter]

Hi @ma7ammad

Vincere APIs does not support that kind of automated authentication, as we expect that Vincere users need to be aware of what apps they are using. Suggestion for you is your app should ask some Vincere user of specific tenant to login, and then you can use id token for authentication and retrieve data of that tenant, and use refresh token to refresh expired id-token.