FSL ID Documentation
  • Overview of FSL ID
    • What is FSL ID?
  • Guides
    • Setup an FSL ID
  • Developers
    • Join as a Developer
    • FSL ID SDK
    • Univeral Login
    • Interact with Wallet
    • Reputation Score
      • Upload Reputation Score
      • Retrieve Reputation Score
    • Grant Scope
Powered by GitBook
On this page
  • Sign in with FSL ID
  • Get Authorization Code
  • Get access token and refresh token
  • Get access token without Authorization Code
  • Get User Profiles
  1. Developers

Univeral Login

PreviousFSL ID SDKNextInteract with Wallet

Last updated 6 months ago

API_BASE_URL:

Sign in with FSL ID

It is a universal login solution to be integrated into your products. The solution is built upon . The integration experience is pretty much similar to OAuth 2.0.

Get Authorization Code

Get /api/account/oauth/authorize

Get the authorization code to start with.

Parameters

Name
Mandatory?
Description

response_type

Y

Grant type. Use the value "code" to get an authorization code.

appkey

Y

The unique appkey for your App.

redirect_uri

Y

The redirect URL address after authorization success. The authorization code with be returned to the redirect URL. The redirect_urishould be url-encoded.

scope

N

state

N

A developer-specified parameter to validate or bring special information. The parameter will be brought to the redirect URL.

Returns

Authorization code which will be expired in 5 minutes.

Request Example

curl https://$API_BASE_URL/api/account/oauth/authorize \
-d "response_type=code" \
-d "appkey=1234" \
-d "redirect_uri=https%3A%2F%2Fmydomain.com%2Fredirect" \
-d "scope=basic" \
-d "state=test"

Response

https://mydomain.com/redirect?code=AUTHORIZATION_CODE&state=test

After the FSL ID verification and scope grant success, the system will redirect to the redirect URL with the authorization code and state parameter.

Get access token and refresh token

POST /api/account/oauth/token

Get access token and refresh token

Header

Name
Value

Content-Type

application/x-www-form-urlencoded

Parameters

Name
Mandatory?
Description

authorization_code refresh_token

Y

Provide either Authorization code or refresh_token

grant_type

Y

Should be "authorization_code" or "refresh_token".

appkey

Y

The unique appkey for your App.

appsecret

Y

The appsecret for your App.

redirect_uri

N

The token in json will be POST to redirect_uri if provided.

Request Example

curl -X POST \
--header 'Content-Type: application/x-www-form-urlencoded' \
-d "appkey=1234" \
-d "appsecret=abcd" \
-d "grant_type=authorization_code" \
-d "authorization_code=code" \
-d "redirect_uri=REDIRECT_URL" \
https://$API_BASE_URL/api/account/oauth/token

Response

{
    "code": 0,
    "data": {
        "access_token": "access token",
        "refresh_token": "refresh token",
        "access_token_expires_in": 86400,
        "refresh_token_expires_in": 2592000
    }
}
208003: Authorization code expired

Get access token without Authorization Code

Get /api/account/oauth/authorize

Get the access token directly from a server-less app.

Parameters

Name
Mandatory?
Description

response_type

Y

Must be "token" to get an access token.

appkey

Y

The unique appkey for your App.

redirect_uri

Y

The redirect URL address after authorization success. The access token with be returned to the redirect URL. The redirect_urishould be url-encoded.

scope

N

state

N

A developer-specified parameter to validate or bring special information. The parameter will be brought to the redirect URL.

Returns

access token which will expire in 1 day.

Request Example

curl https://$API_BASE_URL/api/account/oauth/authorize \
-d "response_type=token" \
-d "appkey=1234" \
-d "redirect_uri=https%3A%2F%2Fmydomain.com%2Fredirect" \
-d "scope=basic" \
-d "state=test"

Response

https://mydomain.com/redirect?access_token=ACCESS_TOKEN&state=test

Get User Profiles

Get /api/account/party/user

Get the user profiles under grant scope

Header

Name
Value

Content-Type

application/json

Authorization

Bearer <access token>

Request Example

curl --location 'https://$API_BASE_URL/api/account/party/user' \
--header 'Authorization: Bearer access_token'

Response

{
    "code": 0,
    "data": {
        "name": "Nickname",
        "fslUid": 6338505,
        "email": "test@gmail.com",
        "profileImage": "https://xxxx.com/profile.png",
        "walletAddr": {
            "solana": "",
            "evm": ""
        }
    }
}

. Refer to the definitions for more details. Only request basic scope when the parameter is not given.

. Refer to the definitions for more details. Only grant basic scope if parameter not given.

https://id.fsl.com
OAuth 2.0
Grant Scope
Grant Scope