Current as of 1 Jul 2024
Authentication (oauth)
This document provides technical details about the API routes used for authenticating users and managing tokens in your application. These routes facilitate the OAuth2 authentication process, token generation, and token refresh operations.
Routes
1. OAuth2 Authentication Endpoint
Endpoint: GET /oauth2
Description: Initiates the OAuth2 authentication process by redirecting the user to the appropriate login page based on the host. It constructs a query string from the request parameters and appends it to the redirect URL.
Request Parameters:
Any query parameters passed in the request will be included in the redirect URL.
Response:
Redirects the user to the appropriate login URL.
2. Access Token Request
Endpoint: POST /access
Description: Verifies the authorization code and generates an access token and a refresh token. Returns the access token, refresh token, user ID, and organization ID.
Request Parameters:
code (string): The authorization code.
grant_type (string): The grant type, which should be authorization_code.
Response:
access_token (string): The access token.
refresh_token (string): The refresh token.
user_id (string): The user ID.
org_id (string): The organization ID.
3. Refresh Token Request
Endpoint: POST /refresh
Description: Verifies the refresh token and generates a new access token and refresh token.
Request Parameters:
refresh_token (string): The refresh token.
grant_type (string): The grant type, which should be refresh_token.
Response:
access_token (string): The new access token.
refresh_token (string): The new refresh token.
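The token handling described in routes 2 and 3, as an added example that is not part of the original documentation or the project's code: a client-side session object that pairs each route with its grant_type, checks the documented response fields, and replaces the stored refresh token after every /refresh. The class and function names, the sample values, and the split between building a request and accepting its parsed JSON response are assumptions; the page does not state the request body encoding.

```javascript
// Added example (not the project's code). Assumption: the caller POSTs `params`
// to `path` and hands back the parsed JSON body; the page does not state the encoding.
function requireStrings(body, fields) {
  // Refuse a response that lacks a documented field rather than storing undefined.
  for (const f of fields) {
    if (!body || typeof body[f] !== 'string' || body[f] === '') {
      throw new Error(`token response missing field: ${f}`);
    }
  }
}

class TokenSession {
  constructor() {
    this.accessToken = this.refreshToken = this.userId = this.orgId = null;
  }
  // POST /access: the authorization code with its matching grant type.
  accessRequest(code) {
    return { path: '/access', params: { code, grant_type: 'authorization_code' } };
  }
  acceptAccess(body) {
    requireStrings(body, ['access_token', 'refresh_token', 'user_id', 'org_id']);
    this.accessToken = body.access_token;
    this.refreshToken = body.refresh_token;
    this.userId = body.user_id;
    this.orgId = body.org_id;
  }
  // POST /refresh: always built from the most recently stored refresh token.
  refreshRequest() {
    if (!this.refreshToken) throw new Error('no refresh token stored');
    const params = { refresh_token: this.refreshToken, grant_type: 'refresh_token' };
    return { path: '/refresh', params };
  }
  // /refresh returns a new pair: validate first, then replace both tokens
  // together so the previous refresh token is not sent again.
  acceptRefresh(body) {
    requireStrings(body, ['access_token', 'refresh_token']);
    this.accessToken = body.access_token;
    this.refreshToken = body.refresh_token;
  }
}

// Constructed sample responses (placeholder values, not real tokens).
function demo() {
  const s = new TokenSession();
  s.acceptAccess({ access_token: 'at-1', refresh_token: 'rt-1', user_id: 'u-1', org_id: 'o-1' });
  const first = s.refreshRequest().params.refresh_token;
  s.acceptRefresh({ access_token: 'at-2', refresh_token: 'rt-2' });
  return { first, second: s.refreshRequest().params.refresh_token, access: s.accessToken };
}
```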
4. Test Endpoint
Endpoint: GET /test
Description: A test endpoint to verify the functionality of the verifyFirebaseIdToken middleware.
Request Parameters:
None
Response:
A JSON response with success: 1.