API Reference: Authentication Endpoints

Api Reference Authentication Api Reference Authentication

Complete reference for authentication API endpoints with request/response formats and examples.

POST /auth/token

Exchange credentials for access token.

Request:

{
  "grant_type": "password",
  "username": "user@example.com",
  "password": "secure123",
  "scope": "openid profile email"
}

Response:

{
  "access_token": "eyJhbG...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "8xLOx...",
  "scope": "openid profile email"
}

POST /auth/refresh

Refresh access token using refresh token.

Headers:

Authorization: Bearer <refresh_token>

Response:

{
  "access_token": "eyJhbG...",
  "expires_in": 3600
}

See error codes section for detailed error responses.

January 25, 2024

OAuth Provider Configuration

Authentication Integration Oauth Social Login Identity Providers

Integrate popular OAuth providers to enable social login in your applications.

Google OAuth Setup

Create project in Google Cloud Console
Configure OAuth consent screen
Create credentials

const googleConfig = {
  clientId: 'your-client-id.apps.googleusercontent.com',
  clientSecret: 'your-client-secret',
  scopes: ['email', 'profile'],
  callbackUrl: 'https://your-app.com/callback/google'
};

GitHub OAuth Setup

const githubConfig = {
  clientId: 'Iv1.xxx',
  clientSecret: 'xxx',
  scopes: ['user:email', 'read:user'],
  callbackUrl: 'https://your-app.com/callback/github'
};

Microsoft OAuth Setup

const microsoftConfig = {
  clientId: 'your-app-id',
  clientSecret: 'your-secret',
  tenant: 'common',
  scopes: ['User.Read', 'email'],
  callbackUrl: 'https://your-app.com/callback/microsoft'
};

Implementation

auth.configure({
  providers: {
    google: googleConfig,
    github: githubConfig,
    microsoft: microsoftConfig
  }
});

For custom OAuth providers, see our advanced integration guide.