The /token endpoint (discoverable via the /well-known endpoint) is invoked after a user completes their verification process (which was initiated by the /authorize endpoint).
- Preproduction (legacy):
- The user has just completed their process and IDW has provided a one time token to your specific redirect URI
- You exchange this token (via a "back channel" API call) in order to retrieve the transactions details.
- The /token response is in JSON Web Token format, and will include all authentication and verification results configured by the client.
- Use your plugin to retrieve the JSON Web Token data and parse the results.
- You will be looking for the "policyDecision" details of the transaction. See https://docs.iddataweb.com/docs/policy-decision for more details about the results
- You may optionally make a 2nd "back channel" API call to our /userInfo endpoint which provides additional formatting options for the returned JSON.
- See https://docs.iddataweb.com/reference/userinfo for more information