Custom appsAPIPOST /validate

This endpoint performs account validation when setting up an account for the app. The incoming payload includes information about the account type to be validated and all fields required:

{
    "id": "basic", // identifier for the account type
    "fields": { //list of field values to validate according to schema
        "username": "test_user",
        "password": "test$user!",
        /*...*/
    }
}

If the account is valid, the app should return HTTP status 200 with a JSON object containing a friendly name for the account:

{"name": "Awesome Account"}

If the account is invalid, the app should return HTTP status 401 (Not Authorized) with a simple JSON object containing an error message:

{"error": "Your password is incorrect!"}

Refresh Access Token

In addition this step can be used as a possibility to refresh access token. The incoming payload includes refresh and access token, also it can include expiration datetime. Response should include new access token to override expired one.

Request sample:

{
    "id": "oauth2",
    "fields": {
        "access_token": "xxxx",
        "refresh_token": "yyyy",
        "expire_on": "2018-01-01"
    }
}

Response sample after token refresh:

{
    "name": "Awesome account",
    "access_token": "new-access-token",
    "expire_on": "2020-01-01"
}