Device Settings WebView
The Device Settings WebView allows the end-users to Settings his device.
To ensure that your mobile application is authorized to display this WebView, the access_token
and csrf_token
provided during the User Creation process must be used.
When redirecting to the Device Settings WebView the access_token
needs to be added as a secure cookie and the csrf_token
set as the URL parameter.
As the access_token
is valid for three hours, you must ensure to refresh it using the refresh_token
provided during the User Creation process. You need to manage the API tokens and refresh them when required or when your mobile app is requesting fresh tokens using the web service OAuth 2.0 - Refresh your access token.
Base URL
The base URL for the Withings Device Settings WebView is:
https://inappviews.withings.com/sdk/settings
The base URL for the Withings Device Settings WebView on the HIPAA Cloud is:
https://inappviews.us.withingsmed.com/sdk/settings
Available parameters
Name | Type | Required | Comments |
---|---|---|---|
csrf_token | string | yes | The CSRF token is provided when retrieving a new access_token using the refresh service. |
Example of a URL:
https://inappviews.withings.com/sdk/settings?csrf_token=j34de463gecje...689jhg6
Example of a URL for the HIPAA Cloud:
https://inappviews.us.withingsmed.com/sdk/settings?csrf_token=j34de463gecje...689jhg6
Cookie
Cookie details:
domain
: ".withings.com"secure
max-age
: 10,800 (seconds)key
: "access_token"value
:access_token
Cookie details for the HIPAA Cloud:
domain
: ".us.withingsmed.com"secure
max-age
: 10,800 (seconds)key
: "access_token"value
:access_token
We strongly recommend that you remove all cookies prior to setting new ones in order to avoid any cookie conflicts.