Authentication

There's lots of ways to authenticate.

Webclient style, with a browser widget

Open a browser to

https://login.live.com/oauth20_authorize.srf?client_id=00000000480BC46C&scope=service::skype.com::MBI_SSL&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf

Allow the user to log in as normal. When they're done, the browser will be redirected to https://login.live.com/oauth20_desktop.srf with an enormous fragment. The fragment might be useful, but what the webclient requires is the three cookies MSPAuth, MSPProf, WLSSC.

Webclient, without a browser

Request the same URL as the previous section. Keep the MSPOK cookie.

Buried in the Javascript is a HTML <input> element, with name="PPFT". Keep the value attribute of this element.

Using the same query string as the first request, POST to https://login.live.com/ppsecure/post.srf, with the MSPOK cookie and a body consisting of url-encoded parameters:

Parameter	Notes
PPFT	The PPFT value you got from the first request
login	Microsoft account name
password	Password for that account

If all goes well, you are redirected to the same place as the previous section. If not, look for sErrTxt: followed by a Javascript string, the string including an error message.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Authentication

Webclient style, with a browser widget

Webclient, without a browser

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally