Ian White
Ian White
When you his this endpoint `https://sso.ci.ford.com/v1.0/endpoint/default/authorize?redirect_uri=fordapp://userauthorized&response_type=code&scope=openid&max_age=3600&client_id=9fb503e0-715b-47e8-adfd-ad4b7770f73b&code_challenge=EiBNP3VtgKB3ayeBTzAzvQJlXdvY86JeL4f2X49nDW8%3D&code_challenge_method=S256` you are redirected to `https://sso.ci.ford.com/authsvc/mtfim/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:basicldapuser&identity_source_id=75d08ad1-510f-468a-b69b-5ebc34f773e3&Target=https%3A%2F%2Fsso.ci.ford.com%2Foidc%2Fendpoint%2Fdefault%2Fauthorize%3FqsId%3D3b15437f-47bc-44a4-b1ea-c871c0ed1c86%26client_id%3D9fb503e0-715b-47e8-adfd-ad4b7770f73b#page=login` This is where the state_id and qsId are generated. Likely to prevent CSRF like @Bert-R mentioned. The qsId can...
Ford also is validating the cookies as they are coming across to check to make sure the request is actually coming from `https://sso.ci.ford.com/`. I'm thinking the best solution to this...
> I get the need to improve security. Where there's a will there's a way. If they would just release an official API they would have much more control over...
I'm having a hell of a time trying to get the `fordapp://userauthorized?code=`. I can get all the way to the last request `https://sso.ci.ford.com/oidc/endpoint/default/authorize?qsId=&client_id=9fb503e0-715b-47e8-adfd-ad4b7770f73b&identity_source_id=75d08ad1-510f-468a-b69b-5ebc34f773e3` using puppeteer but then I get Error:...
This is a super hacky solution with puppeteer but I figured I'd share. I was having issues grabbing the `fordapp://userauthorized?code=&grant_id=`. Puppeteer is confused by the `fordapp://` URL Scheme and throws...
Hi @nils2410, Try switching your region to "US". Sometimes there are issues with authenticating in different regions. Let me know if that solution works for you.
Hi all, Working on getting this updated.
In looking around a bit, it appears that Ford is changing their FordPass application in favor of their new publicly facing api that will be released at some point in...
> > In looking around a bit, it appears that Ford is changing their FordPass application in favor of their new publicly facing api that will be released at some...