.wpb_animate_when_almost_visible { opacity: 1; }

Technical guides

In the following resources we share best practices and technical information to integrate Orange APIs.

Authentication SMS OTP Consent

In order to benefit from the SMS OTP Authentication and Consent, the Service Provider must provide the end-user’s mobile number in his API request. The mobile number must be encoded (see below) added to the request using the login_hint query_string parameter. Creating the login_hint for SMS OTP Authentication and Consent: The mobile number must be […]

March 8th, 2017

Client security measures, good practices for a secure integration of Orange APIs

In this document, we present a list of important security measures that need to be taken into account when implementing clients that integrate Orange APIs. Please note all resources need authorization. OAuth v2 framework (see RFC 6749) has been used in order to authenticate all calls. See this article for a complete description of our […]

September 12th, 2016

Mobile Connect

What is Mobile Connect? Mobile Connect is a user authentication and identity service based on the OpenID Connect/OAuth2 standards. Mobile Connect is provided by individual mobile network operators and delivered through a standardised technical interface. Mobile Connect uses two principal APIs: The Discovery API – implemented by GSMA API Exchange platform: it enables your application […]

September 12th, 2016

OAuth 2.0 protocol

OAuth 2.0 defines a protocol for securing application access to protected resources, which are accessed through REST APIs. OAuth 2.0 relies on access tokens presented by client applications (on behalf of end-users or not) when requesting access to protected resources via APIs. These tokens must be obtained before the client application can get access to […]

September 12th, 2016

OpenID Connect 1.0

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows client applications to verify the identity of the end-user based on the authentication performed by an OAuth 2.0 authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST manner. OpenID […]

October 4th, 2017