@CliDigital 

Obviously, there is an error in the documentation provided near the public static function authorize($clientMac, $apMac, $ssidName, $radioId, $milliseconds)

if you scroll back at the documentation where Steps 12 and 13 begin, you will see the API end point:

https://CONTROLLER:PORT/CONTROLLER_ID/api/v2/hotspot/extPortal/auth

For the public static function authorize( ) to work, you will have to replace:
curl_setopt($ch, CURLOPT_URL, "https://" . CONTROLLER . ":" . PORT . "/" . CONTROLLER_ID . "/api/v2/hotspot/login");

with:
curl_setopt($ch, CURLOPT_URL, "https://" . CONTROLLER . ":" . PORT . "/" . CONTROLLER_ID . "/api/v2/hotspot/extPortal/auth");

Now you need to set the COOKIE_FILE_PATH constant to point to a file such as "./assets/cookie/jar.txt" and make sure the file is editable (in my case I did a "chmod -R 777 assets" because I am running my external portal server in Ubuntu). You asked if it is mandatory, YES you need to define cookie in the curl_setopt.

One more thing, if you have no problem with getting the JSON response from "/api/v2/hotspot/login", then you must be able to get the JSON response from "api/v2/hotspot/extPortal/auth".

{

    "errorCode": 0

}

In my case, I have my Login/Authentication html page running in the same gateway where my Omada Controller is. My Omada Controller has an IP address 192.168.254.108 while my localhost server hosting the Login/Authentication html page has an IP address 192.168.254.109

I hope this gives a glimmer of clarity.

  @Yuno23 

Thanks for your response.
As I mentioned, I'm adapting the documentation that uses a PHP project as an example for a C# project with .NET Core.

The documentation part is definitely a mistake.
Can you tell me how to adapt COOKIE_FILE_PATH to a request in C#?

In my case the controller and HTML file are on the same server.