Authentication with HAT
HAT is an API-only service, meaning it does not enforce a specific
JWT). Each HAT runs as a separate server and has a publicly-reachable address (such as
https://test.hubofallthings.net). All calls in this documentation are therefore executed against an individual HAT. You can learn more in the HAT documentation.
The steps for logging in with a HAT are:
- You send the user to the /hatlogin endpoint on their HAT, such as
- The HAT owner enters their login details in the login screen and verifies the service they are logging into
- The user is redirected back to the address you provided, with an authentication token in a query parameter. You validate the token against the HAT’s public key; a valid token tells you that the user owns the specific HAT, and you log them in.
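
The token check from the last step, as an added example (not code from the HAT project). It assumes an RS256-signed JWT, an `iss` claim holding the HAT's host name, an `exp` claim in seconds and a query parameter named `token`; `makeSampleHat` is a hypothetical stand-in that signs constructed tokens so the block runs offline.

```javascript
const crypto = require('crypto');

const b64u = (s) => Buffer.from(s, 'base64url'); // decode one JWT segment

// Assumptions (not stated on the page): RS256 signature, `iss` holds the HAT's
// host name, `exp` is in seconds, and the redirect parameter is named `token`.
function verifyHatToken(token, hatPublicKeyPem, expectedHat, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, claims;
  try {
    header = JSON.parse(b64u(parts[0]).toString('utf8'));
    claims = JSON.parse(b64u(parts[1]).toString('utf8'));
    if (!header || !claims) throw new Error('empty segment');
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm; never let the token header select "none" or an HMAC.
  if (header.alg !== 'RS256') return { ok: false, reason: 'bad-alg' };
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify('RSA-SHA256', signed, hatPublicKeyPem, b64u(parts[2]))) {
    return { ok: false, reason: 'bad-signature' };
  }
  // A token signed by this HAT but naming another issuer must not log the user in.
  if (claims.iss !== expectedHat) return { ok: false, reason: 'wrong-hat' };
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return { ok: false, reason: 'expired' };
  return { ok: true, claims };
}

// Last step of the flow: pull the token out of the redirect URL and verify it.
function loginFromRedirect(callbackUrl, hatPublicKeyPem, expectedHat, nowSec) {
  const token = new URL(callbackUrl).searchParams.get('token');
  if (!token) return { ok: false, reason: 'no-token' };
  return verifyHatToken(token, hatPublicKeyPem, expectedHat, nowSec);
}

// Constructed sample standing in for the HAT: a throwaway key pair and signer.
function makeSampleHat() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const pem = publicKey.export({ type: 'spki', format: 'pem' });
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const sign = (header, claims) => {
    const body = `${enc(header)}.${enc(claims)}`;
    return `${body}.${crypto.sign('RSA-SHA256', Buffer.from(body), privateKey).toString('base64url')}`;
  };
  return { pem, sign };
}
```

The public key passed in must be obtained from the HAT the user claimed to own, never from anything carried in the redirect itself.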