2-Legged OAuth
How to access protected Orange APIs resources using ‘2-legged’ OAuth (i.e. client_credentials grant type)
December 2nd, 2016
Technical guides
In the following resources we share best practices and technical information to integrate Orange APIs.
3-Legged OAuth
How to access protected Orange APIs resources using “3-legged” OAuth (i.e. authorization_code grant type)
October 11th, 2017
Authentication SMS OTP Consent
In order to benefit from the SMS OTP Authentication and Consent, the Service Provider must provide the end-user’s mobile number in his API request. The mobile number must be encoded (see below) added to the request using the login_hint query_string parameter. Creating the login_hint for SMS OTP Authentication and Consent: The mobile number must be […]
March 8th, 2017
Best practices for API error handling and troubleshooting
Best practices for Orange API error handling and troubleshooting
October 4th, 2017
Client security measures, good practices for a secure integration of Orange APIs
In this document, we present a list of important security measures that need to be taken into account when implementing clients that integrate Orange APIs. Please note all resources need authorization. OAuth v2 framework (see RFC 6749) has been used in order to authenticate all calls. See this article for a complete description of our […]
September 12th, 2016
Documentation technique réseaux Orange France
Retrouvez la documentation technique des réseaux Orange France pour vous aider à connecter votre objet IoT et développer vos services.
February 22nd, 2018
Mobile Connect
What is Mobile Connect? Mobile Connect is a user authentication and identity service based on the OpenID Connect/OAuth2 standards. Mobile Connect is provided by individual mobile network operators and delivered through a standardised technical interface. Mobile Connect uses two principal APIs: The Discovery API – implemented by GSMA API Exchange platform: it enables your application […]
September 12th, 2016
OAuth 2.0 protocol
OAuth 2.0 defines a protocol for securing application access to protected resources, which are accessed through REST APIs. OAuth 2.0 relies on access tokens presented by client applications (on behalf of end-users or not) when requesting access to protected resources via APIs. These tokens must be obtained before the client application can get access to […]
September 12th, 2016
OpenID Connect 1.0
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows client applications to verify the identity of the end-user based on the authentication performed by an OAuth 2.0 authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST manner. OpenID […]
October 4th, 2017
Orange France end-user interfaces explained
In this guide we explain the Orange France end-user account interfaces, so that you can understand your users experience, in particular with respect to Orange authentication and consent form. Orange France end-user interfaces
September 12th, 2016