# Guest authentication

Guest authentication allows institutions to create temporary guest accounts for users who need short-term access to network resources. These guest accounts can have multiple profiles associated with them, enabling devices to authenticate for a limited period.

To be able to create and download guest profiles clients must exchange a guest account token for an access token and must be registered as an easyroam useragent with the guest_token grant type enabled.

Note

You can not self register a useragent with the guest_token grant type. Please contact us if you need this functionality.

Authentication is achieved by submitting and HTTP form:

POST https://auth.easyroam.de/oauth/token

grant_type=guest_token
guest_token=<your_guest_account_token>

This is an HTTP form. NOT a Json payload. If done correctly, it should have request Content-Type application/x-www-form-urlencoded

Upon a successful authentication you will receive a Json object containing 2 properties like so:

{
    "access_token": "...",
    "token_type": "Bearer"
}

Note

Unlike other authentication methods, access tokens obtained via guest account tokens are valid for the duration of the guest account's validity period, rather than a fixed time frame. This means that as long as the guest account is active, the access token will remain valid.