Login API
The login endpoints are implementing an OAuth2 flow.
Acquire token with OAuth2 authorization
| Path | Method | Protected |
|---|---|---|
/v1/oauth2 | POST | No |
Gets a token by authorizing with an external OAuth2 provider. Currently only github is supported.
In the response:
idis the identifier of the token itselfaccountIdis the account's identifier, can be used on the account APIsecretis the secret key to be sent in the Authorization header as a bearer token for all the other endpoints
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| provider | string | Yes | Currently only github is supported. |
| access-token | string | Yes | OAuth2 access token |
Example Response JSON
{
"data": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"accountId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
},
"secret": {
"value": "a860a344-d7b2-406e-828e-8d442f23f344"
}
}Get information about a token
| Path | Method | Protected |
|---|---|---|
/v1/login/token | GET | Yes |
Gets information about a token that is selected by the secret key passed in the Authorization header. The JSON is the same as the data object in the oauth2 endpoint's response.
Example Response JSON
{
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"accountId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
}Start GitHub OAuth2 interactive flow
| Path | Method | Protected |
|---|---|---|
/login/oauth2/device/start | POST | No |
Starts an interactive authorization flow. The user must open the returned url and enter the userCode in a form before the expires deadline. Then the finish GitHub OAuth2 interactive flow endpoint must be called with the encoded session to finish the flow.
Example Response JSON
{
"url": "string",
"userCode": "string",
"expires": "2019-08-24T14:15:22Z",
"encodedSession": "string"
}Finish GitHub OAuth2 interactive flow
| Path | Method | Protected |
|---|---|---|
/login/oauth2/device/complete | POST | No |
Finishes an interactive authorization flow. The returned JSON is equivalent to the oauth2 endpoint's response. Returns a JSON string containing the encodedSession from the start endpoint's response.
Example Request JSON
"string"Example Response JSON
{
"data": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"accountId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
},
"secret": {
"value": "a860a344-d7b2-406e-828e-8d442f23f344"
}
}Initiate OAuth2 Web Flow
| Path | Method | Protected |
|---|---|---|
/v1/login/oauth2/web/authorize | GET | No |
Starts the OAuth2 web flow authorization process by returning the authorization URL for the given provider.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| provider | string | Yes | Currently only github is supported. |
| redirect | string | No | The redirect URL to redirect to after the user has authorized the application |
Example Response JSON
{
"url": "string",
"state": "string"
}GitHub OAuth2 Web Flow callback
| Path | Method | Protected |
|---|---|---|
/v1/login/oauth2/web/callback/github | GET | No |
This endpoint handles the callback from GitHub after the user has authorized the application. It exchanges the code for an access token and then uses that to log the user in.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| code | string | Yes | The authorization code returned by GitHub |
| state | string | Yes | The state parameter for CSRF protection |
Example Response JSON
{}Poll for OAuth2 Web Flow token
| Path | Method | Protected |
|---|---|---|
/v1/login/oauth2/web/poll | GET | No |
This endpoint is used by clients to poll for the token after the user has authorized the application via the web flow.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| state | string | Yes | The state parameter for identifying the session |
Example Response JSON
{
"data": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"accountId": "string",
"createdAt": "2019-08-24T14:15:22Z",
"expiresAt": "2019-08-24T14:15:22Z"
},
"secret": {
"value": "a860a344-d7b2-406e-828e-8d442f23f344"
}
}Login API Errors
| Status Code | Description | Body |
|---|---|---|
| 400 | Invalid request, returning with a list of issues detected in the request | {"errors":["string"]} |
| 401 | Unauthorized request | {"error":"string"} |
| 403 | Forbidden Request | {"error":"string"} |
| 404 | Entity not found | {"error":"string"} |
| 409 | {"error":"string"} | |
| 500 | Internal server error | {"error":"string"} |