/init-login
: This endpoint will initiate the login process and return a URL to redirect the user to the Endaoment OAuth page./verify-login
: This endpoint will verify the login and exchange the code for an authentication token.clientId
and clientSecret
provided to you by Endaoment (stored securely on your backend)
ENDAOMENT_CLIENT_ID
and ENDAOMENT_CLIENT_SECRET
environment variables.It is extremely important that you do not store theclientId
andclientSecret
in your frontend application. This information should be kept secure on your backend service.
codeVerifier
, codeChallenge
, and state
.
The following code snippet, taken from the backend/utils/init-login.ts file in the quickstart example, demonstrates how to generate the codeVerifier
, codeChallenge
, and state
:
codeVerifier
, codeChallenge
, and state
, you can prepare the URL to redirect the user to the Endaoment OAuth page.
redirectUri
.
http://localhost:5454
http://localhost:5454/dev/token
redirectUri
, you must verify the login. This will require verifying the state
and code
and exchanging the code
for an authentication token.
The following code snippet, taken from the backend/routes/verify-login.ts file in the quickstart example, demonstrates how to verify the login and exchange the code
for an authentication token:
code
for an access_token
, you can store the token and return control to the frontend. The frontend can now use the token to make authenticated requests to your application.
If you would like to skip ahead, you can use the tool provided here to generate a development JWT token. Remember that this functionality is only available in development and should be replaced with your own OAuth server in production.