Authorization
The OAuth2 Authorization Code Grant Flow.
A
The client application requests authorization to access the Miele 3rd Party API
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| client_id | The client ID you received after the registration | |
| response_type | Indicates that your application expects to receive an authorization code | |
| redirect_uri | Indicates URL to return the user to after authorization is complete | |
| state | A random string generated by your application which you'll verify later | optional |
B
The user authorizes access with user name, password and the name of the Miele subsidiary with which his Miele account is registered. For this purpose, the authorization server redirects the user to a special website. Here the user finally gives his explicit consent to use the API.
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| The e-mail address belonging to the Miele user account | ||
| password | The corresponding password | |
| country | The Miele subsidiary the Miele user account belongs to |
C
The user authorizes access with user name, password and the name of the Miele subsidiary with which his Miele account is registered. For this purpose, the authorization server redirects the user to a special website. Here the user finally gives his explicit consent to use the API.
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| code | The server returns the authorization code in the query string | |
| state | The server returns the same state value that you passed | optional |
D
The user authorizes access with user name, password and the name of the Miele subsidiary with which his Miele account is registered. For this purpose, the authorization server redirects the user to a special website. Here the user finally gives his explicit consent to use the API.
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| client_id | The client ID you received after the registration | |
| client_secret | The client secret you received after the registration | |
| code | The authorization code returned by the authorization server before to complete | |
| grant_type | The grant type for this flow is authorization_code | |
| redirect_uri | Must be identical to the redirect URI provided in the original link |
E
The Authorization server returns the access token
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| access_token | Temporary token used for accessing protected resources | Used in API calls |
| refresh_token | Token used to obtain a new access token without re-authentication | Longer lifespan than access token |
| token_type | Type of token, typically "Bearer" | Used in Authorization header |
| expires_in | Validity period of the access token in seconds |
F
The client application has to use the access_token for all subsequent API calls
| KEY | EXPLANATION | COMMENT |
|---|---|---|
| access_token | The access_code for the every single API call |
G
The Resource Server returns the requested resources