
4.4 Variant B

Process

  1. Build a link using HIN parameters.
  2. The user authenticates via e-ID and receives a popup with Yes and No options.
  3. Authentication and Redirect: After successful login, the user is redirected to a URL (which must be communicated to HIN) that contains the Auth Token as a URL parameter. For example: https://example.com/callback?Code=iwdjoijwiw90dj9j2odij2oijwoidwd
  4. Token extraction in the backend: The server receives the request and extracts the Auth Token from the URL. The token is located in the "Code" parameter (e.g., Code=iwdjoijwiw90dj9j2odij2oijwoidwd).
  5. Obtaining the HIN Access Token.

Build the link: http://apps.hin.ch/REST/v1/OAuth/GetAuthCode/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI_ENCODED>&state=

When opening the link in the browser:

In this variant, the Auth Token is provided directly via a redirect. After a successful login (Yes), the user is automatically redirected to another page, which we need to register in our backend; the Auth Token is passed to that page as a parameter in the URL. The token could look like this: Code=iwdjoijwiw90dj9j2odij2oijwoidwd.

Backend process:

The server receives this URL and extracts the token from the URL parameter. In this case, it is the "Code" parameter that contains the token iwdjoijwiw90dj9j2odij2oijwoidwd.

Example using Flask

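from flask import Flask, request

app = Flask(__name__)

@app.route('/callback')
def callback():
    # Extract the 'Code' parameter from the URL (the name is case-sensitive)
    auth_token = request.args.get('Code')
    if not auth_token:
        # No Auth Token in the redirect: reject the request
        return 'Missing Code parameter', 400

    # Further processing of the token...
    return 'OK'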
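
Added example (not part of the original page and not HIN's own code): steps 1 to 4 using only the Python standard library, filling the empty state= parameter with a per-login random value and checking it on the callback before the "Code" parameter is accepted. It assumes HIN returns the value in a parameter named "state", as the standard OAuth 2.0 authorization code flow does; the function names and the client ID are hypothetical.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Endpoint as given on this page.
AUTH_ENDPOINT = "http://apps.hin.ch/REST/v1/OAuth/GetAuthCode/"


def build_auth_link(client_id, redirect_uri):
    """Return (link, state). Keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per login attempt
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # urlencode() percent-encodes it
        "state": state,
    })
    return f"{AUTH_ENDPOINT}?{query}", state


def extract_auth_code(callback_url, expected_state):
    """Return the Auth Token from the redirect URL, or raise ValueError."""
    params = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)

    # Assumption: the state comes back in a parameter named "state".
    returned = params.get("state", [])
    if len(returned) != 1 or not hmac.compare_digest(
            returned[0].encode(), expected_state.encode()):
        raise ValueError("state missing or not issued for this session")

    # Parameter names are case-sensitive; the page names this one "Code".
    codes = params.get("Code", [])
    if len(codes) != 1 or not codes[0]:
        raise ValueError("expected exactly one non-empty Code parameter")
    return codes[0]
```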