Getting Character ID when useing Implicit Grant


(Guitar Strings) #1

I’m using implicit grant flow in a novel web application I’m writing. Everything works fine but there is no way to get the Character ID for the account that is logged in.

For a server authentication flow, I would just access https://login.eveonline.com/oauth/verify . And get the Character ID from there. However this API does not set Access-Control-Allow-Origin headers so I can’t use AJAX.

So I’m kinda stumped as to how to get Character ID for the logged in user. when using Implicit grant.


(Scipio Artelius) #2

Does this not work once you receive a token?

http://eveonline-third-party-documentation.readthedocs.io/en/latest/sso/obtaincharacterid.html


(Guitar Strings) #3

No I can access anything on ESI once I have a token. But I can’t access https://login.eveonline.com/oauth/verify. Since it does not have Access-Control-Allow-Origin. I’m sure if I used curl or some non browser http request it would work. But since I’m using AJAX it does a OPTIONS round trip, and is dependent on Access-Control-Allow-Origin being sent.


(Scipio Artelius) #4

and you can’t use JSONP?


(Guitar Strings) #5

I’m not typically a front end developer so I’ll look into JSONP seems that might get around this particular
issue. However it does seem kinda hackish to me from what I’ve seen so far.

Also some what short sighted to not be able to access the current Character ID when using a implicit flow?


(Guitar Strings) #6

I don’t think JSONP will work either. Since https://login.eveonline.com/oauth/verify requires the token to be set in an Authorization header.


(Althalus Stenory) #7

https://esi.tech.ccp.is/verify/ you can use this one iirc it work by passing token in url params


(Guitar Strings) #8

@Althalus_Stenory that’s perfect thank you. I just used Authorization header with Bearer token. Like my other requests.


(Madbuster73) #9

Thank Althalus!

That worked!

I wonder why this is nowhere mentioned, because there are a lot of JavaScript developers out there that cant get it to work.