Current as of 1 Jul 2024

Authentication (oauth)

This document provides technical details about the API routes used for authenticating users and managing tokens in your application. These routes facilitate the OAuth2 authentication process, token generation, and token refresh operations.

Routes

1. OAuth2 Authentication Endpoint

Endpoint: GET /oauth2

Description: Initiates the OAuth2 authentication process by redirecting the user to the appropriate login page based on the host. It constructs a query string from the request parameters and appends it to the redirect URL.

Request Parameters:

  • Any query parameters passed in the request will be included in the redirect URL.

Response:

  • Redirects the user to the appropriate login URL.
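Added example (not the service's own code): one way to build the redirect described above in Node.js, assuming a fixed table that maps each known host to its login URL. The hosts, URLs and function names are hypothetical. The request host is looked up in the table rather than spliced into the URL, and every query parameter is re-encoded before it is appended.

```javascript
// Hypothetical host-to-login-URL table; the real hosts and URLs are not on this page.
const LOGIN_URLS = new Map([
  ["app.example.com", "https://login.example.com/signin"],
  ["app.example.org", "https://login.example.org/signin"],
]);

// The Host header is client-supplied: lower-case it, drop the port and a
// trailing dot, and reject anything that is not a plain DNS name.
function normalizeHost(hostHeader) {
  if (typeof hostHeader !== "string") return null;
  const host = hostHeader.trim().toLowerCase()
    .replace(/:\d+$/, "")
    .replace(/\.$/, "");
  return /^[a-z0-9.-]+$/.test(host) ? host : null;
}

// Returns the redirect URL for GET /oauth2, or null when the host is unknown
// (the caller would then answer 400 instead of redirecting).
function buildLoginRedirect(hostHeader, query) {
  const host = normalizeHost(hostHeader);
  const base = host && LOGIN_URLS.get(host);
  if (!base) return null;

  const target = new URL(base);
  for (const [key, value] of Object.entries(query || {})) {
    // Parsed query strings may hold repeated keys as arrays; keep each value.
    const values = Array.isArray(value) ? value : [value];
    for (const v of values) {
      // searchParams.append percent-encodes, so a value containing "&" or "#"
      // stays inside its own parameter.
      if (typeof v === "string") target.searchParams.append(key, v);
    }
  }
  return target.toString();
}

// Constructed sample request, as a parsed query object.
const sample = buildLoginRedirect("APP.example.com:443", {
  client_id: "abc",
  redirect_uri: "https://client.example/cb?x=1&y=2",
  scope: ["read", "write"],
});
console.log(sample);
```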

2. Access Token Request

Endpoint: POST /access

Description: Verifies the authorization code and generates an access token and a refresh token. Returns the access token, refresh token, user ID, and organization ID.

Request Parameters:

  • code (string): The authorization code.

  • grant_type (string): The grant type, which should be authorization_code.

Response:

  • access_token (string): The access token.

  • refresh_token (string): The refresh token.

  • user_id (string): The user ID.

  • org_id (string): The organization ID.

3. Refresh Token Request

Endpoint: POST /refresh

Description: Verifies the refresh token and generates a new access token and refresh token.

Request Parameters:

  • refresh_token (string): The refresh token.

  • grant_type (string): The grant type, which should be refresh_token.

Response:

  • access_token (string): The new access token.

  • refresh_token (string): The new refresh token.

4. Test Endpoint

Endpoint: GET /test

Description: A test endpoint to verify the functionality of the verifyFirebaseIdToken middleware.

Request Parameters:

  • None

Response:

  • A JSON response with success: 1.