Device Setup WebView
The Device Setup WebView allows the end-users to setup his device.
To ensure that your mobile application is authorized to display this WebView, the access_token
and csrf_token
provided during the User Creation process must be used.
When redirecting to the Device Setup WebView the access_token
needs to be added as a secure cookie and the csrf_token
set as the URL parameter.
As the access_token
is valid for three hours, you must ensure to refresh it using the refresh_token
provided during the User Creation process. You need to manage the API tokens and refresh them when required or when your mobile app is requesting fresh tokens using the web service OAuth 2.0 - Refresh your access token.
Base URL
The base URL for the Withings Device Setup WebView is:
https://inappviews.withings.com/sdk/setup
The base URL for the Withings Device Setup WebView on the HIPAA Cloud is:
https://inappviews.us.withingsmed.com/sdk/setup
Available parameters
Name | Type | Required | Comments |
---|---|---|---|
csrf_token | string | yes | The CSRF token is provided when retrieving a new access_token using the refresh service. |
device_model | integer | no | Withings device model to be installed. If not provided, the end user will be prompted to choose the model manually from the available models. Possible values are listed below. |
List of available device models
When opening the Device Setup WebView, you can select a model to open the specific flow directly. Please use the device_model id listed below to do so:
Device model | device_model |
---|---|
Body+ | 6 |
Body | 7 |
Body Pro | 9 |
BPM Connect | 45 |
BPM Connect Pro | 46 |
Pulse HR | 58 |
Sleep | 63 |
Thermo | 70 |
Move | 90 |
Example of a URL:
https://inappviews.withings.com/sdk/setup?csrf_token=j34de463gecje...689jhg6&device_model=6
Example of a URL for the HIPAA Cloud:
https://inappviews.us.withingsmed.com/sdk/setup?csrf_token=j34de463gecje...689jhg6&device_model=6
Cookie
Cookie details:
domain
: ".withings.com"secure
max-age
: 10,800 (seconds)key
: "access_token"value
:access_token
Cookie details for the HIPAA Cloud:
domain
: ".us.withingsmed.com"secure
max-age
: 10,800 (seconds)key
: "access_token"value
:access_token
We strongly recommend that you remove all cookies prior to setting new ones in order to avoid any cookie conflicts.