# Passpoint services ### Passpoint Download Page You can initialize a Passpoint Download Page for a give user by calling a ``` https://osu.cloud4wi.com/activate/[customerToken]?redirect_url= ``` The `custmerToken` can be created using the related API ([see docs](https://create.cloud4wi.ai/dev-hub/cloud4wi-labs/private-apis#v2-customers-cid-token)). The token can be configured to expire within a certain period (e.g. 5 minutes) and support only certain number of hits (a.k.a. after N clicks the page wont' work anymore). This technique allows to minimize the risk that users would forward the link to other individuals. The page can be customized form the Cloud4wi dashboard using a custom CSS ([read more](https://cloud4wi.zendesk.com/hc/en-us/articles/4413031728781-WiFi-Profile-Download-Page)). The page is also automatically translated in the language currently used by the browsers (detected via user agent). The `redirect_url` parameter, is optional and if present, will show a button "Connect" in the last instruction page of the Download Page journey and redirect the client to the value of the parameter. ### Passpoint Profile URL This endpoint allows to generate and download a Passpoint profile for a given existing user with a known user Id ```html https://wifiprofile.cloud4wi.com/wifiprofile ?accountId= &deviceType= &realm= &displayName= ``` Where: * `customerId`: is the user identifier * `deviceType`: it represents the type of operative system and can be: * `apple`: for iOS, macOS and iPadOS * `android`: for all supported Andorid devices (all Andorid 11+) * `windows`: for Windows 10+ devices * `PasspointRealm`: is the main domain for the access network provider and MUST match the one configured in the [Cloud4Wi dashboard settings](https://cloud4wi.zendesk.com/hc/en-us/articles/18939388439309-Passpoint-Network-Configuration?ophqt=fc20dc6ff637c89beff99c05eb591e23b47c271a49bd30d1) * `displayName`: is the operator friendly name that end users see in their device WiFi picker when the connect to a Passpoint network and should match the one you configure the in [Cloud4Wi dashboard settings](https://cloud4wi.zendesk.com/hc/en-us/articles/18939388439309-Passpoint-Network-Configuration?ophqt=fc20dc6ff637c89beff99c05eb591e23b47c271a49bd30d1) Example:\ {% hint style="warning" %} On July 30th 2024, this endpoint will be changed and will accept only the <`token`> ([see generating token here](https://create.cloud4wi.ai/dev-hub/cloud4wi-labs/private-apis#v2-customers-cid-token)) in place of the <`customerId`> parameter {% endhint %} ## Device specific implementations ### Windows Please note that to trigger a WiFi profile download and trigger the profile installed on Window, you need to compose the URI in this format: ```html ms-settings:wifi-provisioning?uri= ``` ### iOS Please note that only certain browser can trigger the native WiFi profile installer automatically. At this time, the list includes Safari, Chrome, Edge ### macOS Please note that only certain browser can trigger the native WiFi profile installer automatically. At this time, the list includes only Safari. In all other browsers, the user needs to click on the downloaded profile to trigger the installation process. ### Android Please note that only certain browser can trigger the native WiFi profile installer automatically. At this time, the list includes only Chrome ## Network configuration The access network must be configured with a dedicated SSID configured with * WPA2/3-Enterprise security * authentication toward Cloud4Wi RADIUS (Primary/Secondary IP addresses, ports and secret). RadSec is also supported on demand. * Hotspot 2.0 parameters * Domain: the domain must match the `PasspointRealm` configured in the Passpoint profile [Check the documentation on how to configure Passpoint on all main WiFi vendors. ](https://cloud4wi.zendesk.com/hc/en-us/articles/18939388439309-Passpoint-Network-Configuration) ## Requirements In order for devices to be authorized on an access network, the network Access Point NAS identifiers must be provisioned on the Cloud4Wi account. In case a matching Access Point is not found in a Cloud4Wi accout, the AAA responds with an Access-Reject.