Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Identity Verification Workflow

This workflow may be used by clients to get the iRacing customer identifier of the authenticated user. Previously, clients might have used private messages on the iRacing forums or other means to accomplish this goal.

Goals

  1. Obtain the iRacing customer identifier or display name for a user.

Prerequisites and Assumptions

  1. The client has been registered.
  2. No refresh tokens will be issued and the access token will be used only once so there is no need to store it.
  3. The user has created an account within the client and has authenticated within the client.

Steps

  1. The client starts an Authentication and Authorization flow by invoking /authorize. The client should request the scope iracing.profile to get access to the iRacing profile and specify the correct redirect_uri registered to the client.
  2. The user is asked to login and is told that the client has requested access to their profile information. It is assumed the user will approve. The browser is redirected to the redirect_uri with a code.
  3. The client receives the code at its redirect_uri. It may then use /token to trade the code for an access token.
  4. Using the access token, the client makes a request to /iracing/profile. The profile information is returned as a JSON object in the response, including the customer identifier and display name.
  5. The client discards the access token.