Device Settings WebView
The Device Settings WebView allows the end-users to Settings his device.
To ensure that your mobile application is authorized to display this WebView, the access_token and csrf_token provided during the User Creation process must be used.
When redirecting to the Device Settings WebView the access_token needs to be added as a secure cookie and the csrf_token set as the URL parameter.
As the access_token is valid for three hours, you must ensure to refresh it using the refresh_token provided during the User Creation process. You need to manage the API tokens and refresh them when required or when your mobile app is requesting fresh tokens using the web service OAuth 2.0 - Refresh your access token.
Base URL
The base URL for the Withings Device Settings WebView is:
https://inappviews.withings.com/sdk/settings
The base URL for the Withings Device Settings WebView on the HIPAA Cloud is:
https://inappviews.us.withingsmed.com/sdk/settings
Available parameters
| Name | Type | Required | Comments |
|---|---|---|---|
| csrf_token | string | yes | The CSRF token is provided when retrieving a new access_token using the refresh service. |
Example of a URL:
https://inappviews.withings.com/sdk/settings?csrf_token=j34de463gecje...689jhg6
Example of a URL for the HIPAA Cloud:
https://inappviews.us.withingsmed.com/sdk/settings?csrf_token=j34de463gecje...689jhg6
Cookie
Cookie details:
domain: ".withings.com"securemax-age: 10,800 (seconds)key: "access_token"value:access_token
Cookie details for the HIPAA Cloud:
domain: ".us.withingsmed.com"securemax-age: 10,800 (seconds)key: "access_token"value:access_token
We strongly recommend that you remove all cookies prior to setting new ones in order to avoid any cookie conflicts.