Univeral Login
Sign in with FSL ID
It is a universal login solution to be integrated into your products. The solution is built upon OAuth 2.0. The integration experience is pretty much similar to OAuth 2.0.
Get Authorization Code
Get /api/account/oauth/authorize
Get the authorization code to start with.
Parameters
response_type
Y
Grant type. Use the value "code" to get an authorization code.
appkey
Y
The unique appkey for your App.
redirect_uri
Y
The redirect URL address after authorization success. The authorization code with be returned to the redirect URL.
The redirect_urishould be url-encoded.
scope
N
Grant Scope. Refer to the definitions for more details. Only request basic scope when the parameter is not given.
state
N
A developer-specified parameter to validate or bring special information. The parameter will be brought to the redirect URL.
Returns
Authorization code which will be expired in 5 minutes.
Request Example
curl https://$API_BASE_URL/api/account/oauth/authorize \
-d "response_type=code" \
-d "appkey=1234" \
-d "redirect_uri=https%3A%2F%2Fmydomain.com%2Fredirect" \
-d "scope=basic" \
-d "state=test" Response
https://mydomain.com/redirect?code=AUTHORIZATION_CODE&state=testAfter the FSL ID verification and scope grant success, the system will redirect to the redirect URL with the authorization code and state parameter.
Get access token and refresh token
POST /api/account/oauth/token
Get access token and refresh token
Header
Content-Type
application/x-www-form-urlencoded
Parameters
authorization_code
refresh_token
Y
Provide either Authorization code or refresh_token
grant_type
Y
Should be "authorization_code" or "refresh_token".
appkey
Y
The unique appkey for your App.
appsecret
Y
The appsecret for your App.
redirect_uri
N
The token in json will be POST to redirect_uri if provided.
Request Example
curl -X POST \
--header 'Content-Type: application/x-www-form-urlencoded' \
-d "appkey=1234" \
-d "appsecret=abcd" \
-d "grant_type=authorization_code" \
-d "authorization_code=code" \
-d "redirect_uri=REDIRECT_URL" \
https://$API_BASE_URL/api/account/oauth/token
Response
{
"code": 0,
"data": {
"access_token": "access token",
"refresh_token": "refresh token",
"access_token_expires_in": 86400,
"refresh_token_expires_in": 2592000
}
}208003: Authorization code expiredGet access token without Authorization Code
Get /api/account/oauth/authorize
Get the access token directly from a server-less app.
Parameters
response_type
Y
Must be "token" to get an access token.
appkey
Y
The unique appkey for your App.
redirect_uri
Y
The redirect URL address after authorization success. The access token with be returned to the redirect URL.
The redirect_urishould be url-encoded.
scope
N
Grant Scope. Refer to the definitions for more details. Only grant basic scope if parameter not given.
state
N
A developer-specified parameter to validate or bring special information. The parameter will be brought to the redirect URL.
Returns
access token which will expire in 1 day.
Request Example
curl https://$API_BASE_URL/api/account/oauth/authorize \
-d "response_type=token" \
-d "appkey=1234" \
-d "redirect_uri=https%3A%2F%2Fmydomain.com%2Fredirect" \
-d "scope=basic" \
-d "state=test" Response
https://mydomain.com/redirect?access_token=ACCESS_TOKEN&state=testGet User Profiles
Get /api/account/party/user
Get the user profiles under grant scope
Header
Content-Type
application/json
Authorization
Bearer <access token>
Request Example
curl --location 'https://$API_BASE_URL/api/account/party/user' \
--header 'Authorization: Bearer access_token' Response
{
"code": 0,
"data": {
"name": "Nickname",
"fslUid": 6338505,
"email": "[email protected]",
"profileImage": "https://xxxx.com/profile.png",
"walletAddr": {
"solana": "",
"evm": ""
}
}
}Last updated