...
Note: Successful completion of this request (1) requires that the user already exists in the Synapse user database, but (2) does NOT require that the user has already signed the Synapse Terms of Use. To create the user in Synapse, use the user creation service described above: CreateUser. To check whether the user has signed the Synapse Terms of Use, use the token refresh service described above, RefreshToken(resettimer). A 403 Forbidden response means that the user has not yet accepted the Terms of Use.
The successful response to the OpenID log-in request is a redirect to <RedirectURL> with extra request parameters to hold (1) an authentication status indicator (OK) and (2) the session token:
Code Block |
---|
HTTP/1.1 302 Moved Temporarily
...
Location: <RedirectURL>?status=OK&sessionToken=<sessionToken>
...
|
In this case, authentication must be repeated with explicit ToU acceptance. The client should display the ToU and request the user's acceptance.
Once the user has accepted the ToU, the authentication request may be repeated, including a new request parameter acceptsTermsOfUse=true:
...
If the user does not exist in the Synapse user database, this is indicated in the response parameter:
Code Block |
---|
HTTP/1.1 302 Moved Temporarily
...
Location: <RedirectURL>?status=OpenIDUnknownUser
...
|
If authentication is unsuccessful for a reason other than a missing Terms of Use agreement, then the result is:
Code Block |
---|
HTTP/1.1 302 Moved Temporarily
...
Location: <RedirectURL>?status=OpenIDError
...
|
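As an added example (not part of the Synapse documentation or code), a client-side handler for the redirect responses above: it accepts only a redirect to the RedirectURL the client supplied, maps the three documented status values to outcomes, and strips the query string before logging so the session token is not recorded. The function names, the exception class and the outcome labels are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Status values taken from the responses documented above.
STATUS_OK = "OK"
STATUS_UNKNOWN_USER = "OpenIDUnknownUser"
STATUS_ERROR = "OpenIDError"


class RedirectRejected(Exception):
    """The Location header is not a redirect this client can trust."""


def parse_openid_redirect(location, expected_redirect_url):
    """Return (outcome, session_token) for a 302 Location header value."""
    got, want = urlsplit(location), urlsplit(expected_redirect_url)
    # Only accept a redirect to the exact scheme, host and path we supplied.
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise RedirectRejected("redirect target does not match RedirectURL")
    params = parse_qs(got.query, keep_blank_values=True)
    # A repeated parameter is ambiguous, so refuse it rather than pick one.
    for name in ("status", "sessionToken"):
        if len(params.get(name, [])) > 1:
            raise RedirectRejected("duplicate parameter: " + name)
    status = params.get("status", [None])[0]
    token = params.get("sessionToken", [None])[0]
    if status == STATUS_OK:
        if not token:
            raise RedirectRejected("status=OK without a sessionToken")
        return "authenticated", token
    if token is not None:
        raise RedirectRejected("sessionToken present on a non-OK status")
    if status == STATUS_UNKNOWN_USER:
        return "unknown_user", None  # caller should offer CreateUser
    if status == STATUS_ERROR:
        return "error", None
    raise RedirectRejected("unrecognized status")


def redact_for_log(location):
    """Drop the query string so the session token never reaches a log line."""
    parts = urlsplit(location)
    return parts._replace(query="", fragment="").geturl()
```
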
...