Skip to content

Authorization

Jump to bottom Edit New page
verwebbt edited this page Nov 26, 2014 · 6 revisions

General

In order to access the API, you need to pass an generated access_token.

Scopes

An access token from google must have the following scopes:

Every API call needs an access token. Only access tokens generated by the sssnap-osx client or the Google OAuth2.0 playground are accepted. Access tokens from the playground will be turned off soon.

Sending the access token

You can send the access token in the URL as a Parameter or in the HTTP Authorization Header. Sending it in the HTTP Authorization Header is recommended. The URL Parameter will be ignored, if there's a HTTP Authorization Header.

Also you have to provide the information which OAuth2.0 provider belongs to the access token. Possible providers are:

  • google

In the URL

http://localhost:3000/api/user?access_token=F0Vs0GcrwOb8E41G1lDg&provider=google

In the HTTP Header

Authorization: Bearer F0Vs0GcrwOb8E41G1lDg
x-auth-provider: google

Get user object

After you signed in with Google, make a request to GET /api/user/me. You will get a user object with some data about the user. This request will register the user, if he isn't already registered.

Add a custom footer
Add a custom sidebar
Clone this wiki locally