Integrating EmpowerID Modern Authentication

Integrating EmpowerID Modern Authentication

In various situations, including those involving legacy, desktop, or script-based applications, it is necessary for a user's access token to be utilized for executing tasks on the user's behalf. To accommodate this need, EmpowerID's "Modern Authentication" can be implemented. The process consists of three steps, which are shown below. By following these steps, an application can leverage EmpowerID's Modern Authentication to obtain a user's access token for performing tasks on the user's behalf.


  1. Acquire the Authentication ID – To begin the process, invoke the ui/common/ModernAuth/GetModernAuthID REST endpoint to obtain the Authentication ID. The C# code snippet below illustrates this step:

    private static string GetID() { var web = new WebClient(); var urla = $"https://my.empowerid/ui/common/ModernAuth/GetModernAuthID"; var responseString = web.DownloadString(urla); return responseString; }
  2. Perform Authentication – Launch a browser or a browser tab and direct it to the '/PerformAuth' endpoint. Provide the Authentication ID acquired in the first step ('{sid}') and the Client ID of the OAuth application ('{clientId}') as parameters. The URL should look similar to that shown below.

  3. Obtain the Access Token – Invoke the /ui/common/ModernAuth/GetAccessToken/ REST endpoint using the Authentication ID acquired in the first step ('{sid}'). If the endpoint returns an empty response, the access token is not available. You can repeatedly call this endpoint with the Authentication ID at intervals of 10 to 15 seconds for a minute or two before determining that the authentication has failed. The C# code snippet below illustrates this step:

    private static string GetToken() { var web = new WebClient(); var urla = $"https://my.empowerid/ui/common/ModernAuth/GetAccessToken/{sid}"; var responseString = web.DownloadString(urla); if(!string.IsNullOrEmpty(responseString)) { var data = JsonConvert.DeserializeObject<DataClass>(responseString); return data.AccessToken } return null; } public class DataClass { public string AccessToken {get; set;} public string {get; set;} }